FreeBSD : qemu -- denial of service vulnerability (a228c7a0-ba66-11e6-b1cf-14dae9d210b8)
High Nessus Plugin ID 95512
The remote FreeBSD host is missing one or more security-related updates.
Daniel P. Berrange reports : The VNC server websockets decoder will read and buffer data from websockets clients until it sees the end of the HTTP headers, as indicated by \r\n\r\n. In theory this allows a malicious to trick QEMU into consuming an arbitrary amount of RAM.