FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nfsen -- remote command execution

Affected packages
nfsen < 1.3.7

Details

VuXML ID 6e83b2f3-e4e3-11e6-9ac1-a4badb2f4699
Discovery 2017-01-24
Entry 2017-01-27

Peter Haag reports:

A remote attacker with access to the web interface to execute arbitrary commands on the host operating system.

References

URL https://sourceforge.net/p/nfsen/mailman/message/35623845/