FreeBSD : chicken -- multiple vulnerabilities (c6932dd4-eaff-11e6-9ac1-a4badb2f4699)
High Nessus Plugin ID 96995
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionPeter Bex reports :
A buffer overflow error was found in the POSIX unit's procedures process-execute and process-spawn.
Additionally, a memory leak existed in this code, which would be triggered when an error is raised during argument and environment processing.
Irregex versions before 0.9.6 contain a resource exhaustion vulnerability: when compiling deeply nested regexes containing the '+' operator due to exponential expansion behaviour.
SolutionUpdate the affected package.