FreeBSD : hashcash -- format string vulnerability (5ebfe901-a3cb-11d9-b248-000854d03344)
High Nessus Plugin ID 18951
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionA Gentoo Linux Security Advisory reports :
Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address.
Successful exploitation would permit an attacker to disrupt Hashcash users, and potentially execute arbitrary code.
SolutionUpdate the affected package.