FreeBSD : PEAR -- Net_Ping and Net_Traceroute remote arbitrary command injection (56ba8728-f987-11de-b28d-00215c6a37bb)
Critical Nessus Plugin ID 43626
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionPEAR Security Advisory reports :
Multiple remote arbitrary command injections have been found in the Net_Ping and Net_Traceroute.
When input from forms are used directly, the attacker could pass variables that would allow him to execute remote arbitrary command injections.
SolutionUpdate the affected packages.