FreeBSD : Remote Denial of Service of HTTP server and client (1f738bda-c6ac-11d8-8898-000d6111a684)

medium Nessus Plugin ID 36865

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

giFT-FastTrack is susceptible to a remote Denial of Service attack which could allow a remote attacker to render HTTP services unusable.
According to the developers, no code execution is possible; however, they recommend an immediate upgrade.

Solution

Update the affected package.

See Also

http://developer.berlios.de/forum/forum.php?forum_id=5814

http://www.nessus.org/u?a0717260

Plugin Details

Severity: Medium

ID: 36865

File Name: freebsd_pkg_1f738bdac6ac11d88898000d6111a684.nasl

Version: 1.17

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gift-fasttrack, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 6/25/2004

Vulnerability Publication Date: 6/19/2004

Reference Information

CVE: CVE-2004-0604

BID: 10604

Secunia: 11941