FreeBSD : hashcash -- heap overflow vulnerability (2be7c122-0614-11db-9156-000e0c2e438a)
High Nessus Plugin ID 21768
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionAndreas Seltenreich reports that hashcash is prone to a heap overflow vulnerability. This vulnerability is caused by improper checking of memory allocations within the 'array_push()' function. An attacker could trigger this vulnerability by passing a lot of '-r' or '-j' flags from the command line, this only applies when the application is configured to allow command line options, or by passing a lot of resource names when the application was started with the '-m' flag set. This could lead to a Denial or Service or could allow remote access to the targeted system.
SolutionUpdate the affected package.