FreeBSD : hive -- authorization logic vulnerability (a5c204b5-4153-11e6-8dfe-002590263bf5)
High Nessus Plugin ID 91932
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSushanth Sowmyan reports :
Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards.
SolutionUpdate the affected package.