Test ID:	1.3.6.1.4.1.25623.1.0.52319
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: rssh
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: rssh The installed version of rssh is vulnerable to a format string attack that allows an attacker to execute arbitrary code on the remote system. Specific to FreeBSD, only the account running rssh can be compromised (as opposed to root). Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1628 Bugtraq: 20041023 rssh: pizzacode security alert (Google Search) http://marc.info/?l=bugtraq&m=109855982425122&w=2 http://www.gentoo.org/security/en/glsa/glsa-200410-28.xml http://secunia.com/advisories/12954 XForce ISS Database: rssh-format-string(17831) https://exchange.xforce.ibmcloud.com/vulnerabilities/17831
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.