FreeBSD : mDNSResponder -- corrupted stack crash when parsing bad resolv.conf (1cd87e2a-81e3-11df-81d8-00262d5ed8ee)
High Nessus Plugin ID 47142
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionJuli Mallett reports :
mdnsd will crash on some systems with a corrupt stack and once that's fixed it will still leak a file descriptor when parsing resolv.conf.
The crash is because scanf is used with %10s for a buffer that is only 10 chars long. The buffer size needs increased to 11 chars to hold the trailing NUL. To fix the leak, an fclose needs added.
SolutionUpdate the affected package.