FreeBSD : sudo -- Potential bypass of tty_tickets constraints (82cfd919-8213-11e2-9273-902b343deec9)
Medium Nessus Plugin ID 64988
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionTodd Miller reports :
A (potentially malicious) program run by a user with sudo access may be able to bypass the 'tty_ticket' constraints. In order for this to succeed there must exist on the machine a terminal device that the user has previously authenticated themselves on via sudo within the last time stamp timeout (5 minutes by default).
SolutionUpdate the affected package.