FreeBSD : libarchive -- multiple vulnerabilities (4a0d9b53-395d-11e6-b3c8-14dae9d210b8)
Medium Nessus Plugin ID 91791
Synopsis
The remote FreeBSD host is missing a security-related update.
Description
Hanno Bock and Cisco Talos report :
- Out of bounds heap read in RAR parser
- Signed integer overflow in ISO parser
- TALOS-2016-0152 [CVE-2016-4300]: 7-Zip read_SubStreamsInfo Integer Overflow
- TALOS-2016-0153 [CVE-2016-4301]: mtree parse_device Stack Based Buffer Overflow
- TALOS-2016-0154 [CVE-2016-4302]: Libarchive Rar RestartModel Heap Overflow
Solution
Update the affected package.