FreeBSD : cscope -- Buffer Overflow Vulnerabilities (74ff10f6-520f-11db-8f1a-000a48049292)
Medium Nessus Plugin ID 22517
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Will Drewry has reported some vulnerabilities in Cscope, which potentially can be exploited by malicious people to compromise a vulnerable system.
Various boundary errors within the parsing of file lists or the expansion of environment variables can be exploited to cause stack-based buffer overflows when parsing specially crafted 'cscope.lists' files or directories.
A boundary error within the parsing of command line arguments can be exploited to cause a stack-based buffer overflow when supplying an overly long 'reffile' argument.
Successful exploitation may allow execution of arbitrary code.
SolutionUpdate the affected package.