Buffer Overflow vulnerability in FreeBSD
Vulnerability Report
Summary
A memory safety vulnerability has been discovered in the FreeBSD ping utility that could allow remote code execution. A remote host can trigger the bug, causing the ping program to crash. On all affected versions of FreeBSD, ping runs inside a capability mode sandbox, so at the point where the bug can occur the ping process is very restricted in its ability to interact with the rest of the system.