FreeBSD : picasm -- buffer overflow vulnerability (8a3ece40-3315-11da-a263-0001020eed82)
Medium Nessus Plugin ID 21467
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionShaun Colley reports :
When generating error and warning messages, picasm copies strings into fixed length buffers without bounds checking.
If an attacker could trick a user into assembling a source file with a malformed 'error' directive, arbitrary code could be executed with the privileges of the user. This could result in full system compromise.
SolutionUpdate the affected package.