FreeBSD : SSH.COM SFTP server -- format string vulnerability (594ad3c5-a39b-11da-926c-0800209adf0e)
Medium Nessus Plugin ID 21431
The remote FreeBSD host is missing one or more security-related updates.
SSH Communications Security Corp reports a format string vulnerability in their SFTP server. This vulnerability could cause a user with SCP/SFTP access only to get permission to execute also other commands. It could also allow user A to create a special file that when accessed by user B allows user A to execute commands as user B.