FreeBSD : sudo -- Potential bypass of sudo_noexec.so via wordexp() (2e4fbc9a-9d23-11e6-a298-14dae9d210b8)
High Nessus Plugin ID 94417
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionTodd C. Miller reports :
A flaw exists in sudo's noexec functionality that may allow a user with sudo privileges to run additional commands even when the NOEXEC tag has been applied to a command that uses the wordexp() function.
SolutionUpdate the affected package.