FreeBSD : monitorix -- serious bug in the built-in HTTP server (620cf713-5a99-11e3-878d-20cf30e32f6d)
High Nessus Plugin ID 71152
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionMonitorix Project reports :
A serious bug in the built-in HTTP server. It was discovered that the handle_request() routine did not properly perform input sanitization which led into a number of security vulnerabilities. An unauthenticated, remote attacker could exploit this flaw to execute arbitrary commands on the remote host. All users still using older versions are advised to upgrade to this version, which resolves this issue.
SolutionUpdate the affected package.