FreeBSD : FreeBSD -- Possible login(1) argument injection in telnetd(8) (e00304d2-bbed-11e6-b1cf-14dae9d210b8)
Medium Nessus Plugin ID 95587
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionAn unexpected sequence of memory allocation failures combined with insufficient error checking could result in the construction and execution of an argument sequence that was not intended. Impact : An attacker who controls the sequence of memory allocation failures and success may cause login(1) to run without authentication and may be able to cause misbehavior of login(1) replacements.
No practical way of controlling these memory allocation failures is known at this time.
SolutionUpdate the affected packages.