FreeBSD : rssh -- privilege escalation vulnerability (e34d0c2e-9efb-11da-b410-000e0c2e438a)
High Nessus Plugin ID 21525
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionPizzashack reports :
Max Vozeler has reported a problem whereby rssh can allow users who have shell access to systems where rssh is installed (and rssh_chroot_helper is installed SUID) to gain root access to the system, due to the ability to chroot to arbitrary locations. There are a lot of potentially mitigating factors, but to be safe you should upgrade immediately.
SolutionUpdate the affected package.