Family: FreeBSD Local Security Checks --> Category: infos
FreeBSD Ports : bnc <= 2.8.9 Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the bnc package
Detailed Explanation for this Vulnerability Test
The remote host has one of the following packages installed :
bnc <= 2.8.9
The function getnickuserhost() suffers from a buffer-overflow. It is called
when BNC processes a response from IRC server. An attacking server can use
this vulnerability to gain shell access, on the BNC running machine.
Solution : http://www.vuxml.org/freebsd/1f8dea68-3436-11d9-952f-000c6e8f12ef.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.