Test ID:	1.3.6.1.4.1.25623.1.0.56353
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Security Advisory (FreeBSD-SA-06:10.nfs.asc)
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-06:10.nfs.asc
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:10.nfs.asc Vulnerability Insight: The Network File System (NFS) allows a host to export some or all of its filesystems so that other hosts can access them over the network and mount them as if they were on local disks. NFS is built on top of the Sun Remote Procedure Call (RPC) framework. A part of the NFS server code charged with handling incoming RPC messages via TCP had an error which, when the server received a message with a zero-length payload, would cause a NULL pointer dereference which results in a kernel panic. The kernel will only process the RPC messages if a userland nfsd daemon is running. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0900 BugTraq ID: 16838 http://www.securityfocus.com/bid/16838 FreeBSD Security Advisory: FreeBSD-SA-06:10 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc http://lists.immunitysec.com/pipermail/dailydave/2006-February/002982.html http://www.osvdb.org/23511 http://secunia.com/advisories/19017 http://securityreason.com/securityalert/521 XForce ISS Database: freebsd-nfsd-kernel-dos(24918) https://exchange.xforce.ibmcloud.com/vulnerabilities/24918
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.