The remote host is missing an update to the system as announced in the referenced advisory.

Update your system with the appropriate patches or software upgrades. http://www.coresecurity.com/content/dnsmasq-vulnerabilities https://rhn.redhat.com/errata/RHSA-2009-1238.html http://www.vuxml.org/freebsd/80aa98e0-97b4-11de-b946-0030843d3802.html

The following package is affected: dnsmasq CVE-2009-2957 Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request. CVE-2009-2958 The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option.