FreeBSD : fsp buffer overflow and directory traversal vulnerabilities (20be2982-4aae-11d8-96f2-0020ed76ef5a)
High Nessus Plugin ID 36605
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Debian security team reported a pair of vulnerabilities in fsp :
A vulnerability was discovered in fsp, client utilities for File Service Protocol (FSP), whereby a remote user could both escape from the FSP root directory (CAN-2003-1022), and also overflow a fixed-length buffer to execute arbitrary code (CAN-2004-0011).
SolutionUpdate the affected package.