FreeBSD : spamdyke -- Buffer Overflow Vulnerabilities (7d2336c2-4607-11e1-9f47-00e0815b8da8)
High Nessus Plugin ID 57647
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Secunia reports:
Fixed a number of very serious errors in the usage of snprintf()/vsnprintf().
The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that *could* be printed if the buffer were of infinite size. Because the returned value could be larger than the buffer's size, this meant remotely exploitable buffer overflows were possible, depending on spamdyke's configuration.
Solution
Update the affected package.
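
The snprintf()/vsnprintf() return-value error described above, shown next to a corrected form. This is an added example, not spamdyke's code: the function names `claimed_length` and `append_checked`, the 16-byte buffer and the sample input are all constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Flawed pattern: hands back snprintf()'s result as if it were the stored
 * length. For input longer than the buffer the result exceeds size - 1. */
static size_t claimed_length(char *buf, size_t size, const char *input)
{
    int n = snprintf(buf, size, "%s", input);
    return n < 0 ? 0 : (size_t)n;   /* length that WOULD have been printed */
}

/* Corrected pattern: append at *used, then clamp to what actually fits.
 * Returns 0 on success, -1 on encoding error or truncation. */
static int append_checked(char *buf, size_t size, size_t *used,
                          const char *fmt, ...)
{
    va_list ap;
    size_t room;
    int n;

    if (size == 0 || *used >= size)
        return -1;
    room = size - *used;            /* includes the terminating NUL */
    va_start(ap, fmt);
    n = vsnprintf(buf + *used, room, fmt, ap);
    va_end(ap);
    if (n < 0)
        return -1;
    if ((size_t)n >= room) {        /* truncated: only room - 1 bytes stored */
        *used = size - 1;
        return -1;
    }
    *used += (size_t)n;
    return 0;
}

int main(void)
{
    char buf[16];
    size_t used = 0;
    const char *input = "constructed-sample-input-longer-than-16";
    size_t claimed = claimed_length(buf, sizeof buf, input);
    int rc;

    printf("claimed=%zu stored=%zu\n", claimed, strlen(buf));
    rc = append_checked(buf, sizeof buf, &used, "%s", input);
    printf("rc=%d used=%zu\n", rc, used);
    return 0;
}
```

Any code that indexes or advances a pointer by the value from `claimed_length` lands past the end of the buffer; `append_checked` keeps the offset inside it and reports the truncation to the caller.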