FreeBSD : ppxp -- local root exploit (641e8609-cab5-11d9-9aed-000e0c2e438a)
High Nessus Plugin ID 56493
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionA Debian Advisory reports :
Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user-supplied log files. This can be tricked into opening a root shell.
SolutionUpdate the affected packages.