GLSA-200803-21 : Sarg: Remote execution of arbitrary code
Critical Nessus Plugin ID 31447
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200803-21 (Sarg: Remote execution of arbitrary code)
Sarg doesn't properly check its input for abnormal content when processing Squid log files.
There is no known workaround at this time.
SolutionAll sarg users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-analyzer/sarg-2.2.5'