FreeBSD : FreeBSD -- Integer overflow in bzip2 decompression (18dc48fe-ca42-11df-aade-0050568f000c)

high Nessus Plugin ID 50329

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?ae5b1b41

Plugin Details

Severity: High

ID: 50329

File Name: freebsd_pkg_18dc48feca4211dfaade0050568f000c.nasl

Version: 1.13

Type: local

Published: 10/26/2010

Updated: 1/6/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/24/2010

Vulnerability Publication Date: 9/20/2010

Reference Information

FreeBSD: SA-10:08.bzip2