FreeBSD Security Advisory (FreeBSD-SA-09:07.libc.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:07.libc.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:07.libc.asc

Insight

FreeBSD's C library (libc) contains code for creating and accessing Berkeley DB 1.85 database files. Such databases are used extensively in FreeBSD for example, the system password files (/etc/passwd and /etc/master.passwd) are normally accessed via their database files (/etc/pwd.db and /etc/spwd.db). Some data structures used by the database interface code are not properly initialized when allocated.

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

FreeBSD Ports: clamav
FreeBSD Ports: clamav
FreeBSD Ports: apache
django -- multiple vulnerabilities
FreeBSD Ports: bogofilter, bogofilter-qdbm, bogofilter-tdb, ru-bogofilter

Take action and discover your vulnerabilities