FreeBSD : FreeBSD -- link_ntoa(3) buffer overflow (0282269d-bbee-11e6-b1cf-14dae9d210b8)

critical Nessus Plugin ID 95585

Language:

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A specially crafted argument can trigger a static buffer overflow in the library, with possibility to rewrite following static buffers that belong to other library functions. Impact : Due to very limited use of the function in the existing applications, and limited length of the overflow, exploitation of the vulnerability does not seem feasible.
None of the utilities and daemons in the base system are known to be vulnerable. However, careful review of third party software that may use the function was not performed.

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?98fb1d8f

Plugin Details

Severity: Critical

ID: 95585

File Name: freebsd_pkg_0282269dbbee11e6b1cf14dae9d210b8.nasl

Version: 3.5

Type: local

Published: 12/7/2016

Updated: 1/4/2021

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freebsd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info, Settings/ParanoidReport

Patch Publication Date: 12/6/2016

Vulnerability Publication Date: 12/6/2016

Reference Information

CVE: CVE-2016-6559

FreeBSD: SA-16:37.libc