FreeBSD Ports: Dia Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/33672 http://www.vuxml.org/freebsd/25eb365c-fd11-11dd-8424-c213de35965d.html

Insight

The following package is affected: dia CVE-2008-5984 Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).

Severity

Classification

CVE CVE-2008-5984
CVSS Base Score: 6.9
AV:L/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

FreeBSD Ports: bugzilla
FreeBSD Ports: apache-tomcat
FreeBSD Ports: apache
FreeBSD Ports: apache
FreeBSD Ports: acroread4, acroread5

FreeBSD Ports: dia

Take action and discover your vulnerabilities