FreeBSD : FreeBSD -- link_ntoa(3) buffer overflow (0282269d-bbee-11e6-b1cf-14dae9d210b8)

High Nessus Plugin ID 95585


The remote FreeBSD host is missing one or more security-related updates.


A specially crafted argument can trigger a static buffer overflow in the library, with possibility to rewrite following static buffers that belong to other library functions. Impact : Due to very limited use of the function in the existing applications, and limited length of the overflow, exploitation of the vulnerability does not seem feasible.
None of the utilities and daemons in the base system are known to be vulnerable. However, careful review of third party software that may use the function was not performed.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 95585

File Name: freebsd_pkg_0282269dbbee11e6b1cf14dae9d210b8.nasl

Version: $Revision: 3.2 $

Type: local

Published: 2016/12/07

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:FreeBSD, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 2016/12/06

Vulnerability Publication Date: 2016/12/06

Reference Information

CVE: CVE-2016-6559

FreeBSD: SA-16:37.libc