Bug #13578
closedFreeBSD Vulnerabilities
0%
Description
Im running a Nessuss scan against my pfsense+ firewall version pfsense+ 22.05-RELEASE (amd64) and it reports that FreeBSD has the following vulnerabilities:
1. FreeBSD : cURL -- Multiple vulnerabilities (ae5722a6-f5f0-11ec-856e-d4c9ef517024)
http://www.nessus.org/u?90626522
Affected version(s) : >= 7.16.4 < 7.84.0
Score 9.8
2. FreeBSD : expat -- Heap use-after-free vulnerability (0a0670a1-3e1a-11ed-b48b-e0d55e2a8bf9)
http://www.nessus.org/u?26d58c0b
Affected version(s) : < 2.4.9
Score 9.8
3. FreeBSD : dnsmasq -- heap use-after-free in dhcp6_no_relay (3f321a5a-b33b-11ec-80c2-1bb2c6a00592)
http://www.nessus.org/u?e7e361fd
http://www.nessus.org/u?2a4e838c
Affected version(s) : < 2.86_4,1
Score 7.5
4. FreeBSD : Python -- multiple vulnerabilities (80e057e7-2f0a-11ed-978f-fcaa147e860e)
http://www.nessus.org/u?c16cc88f
http://www.nessus.org/u?88a8f7bb
Affected version(s) : < 3.8.14
Score 7.5
5. FreeBSD : strongswan -- DOS attack vulnerability (0ae56f3e-488c-11ed-bb31-b42e99a1b9c3)
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-40617
http://www.nessus.org/u?4d4a88a5
Affected version(s) : < 5.9.8
Score 7.5
6. FreeBSD : unbound -- Non-Responsive Delegation Attack (5a1c2e06-3fb7-11ed-a402-b42e991fc52e)
https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
http://www.nessus.org/u?a840c4ec
Affected version(s) : < 1.16.2
Score 7.5
7. FreeBSD : Unbound -- Multiple vulnerabilities (bc43a578-14ec-11ed-856e-d4c9ef517024)
https://www.nlnetlabs.nl/projects/unbound/security-advisories/
http://www.nessus.org/u?146dd999
Affected version(s) : < 1.16.2
Score 6.5
Updated by Jim Pingle about 2 years ago
- Status changed from New to Rejected
We run our own scans and deal with such things internally, we do not need outside input in this area.