A local overflow exists in FreeBSD healthd. This small utility, which monitors the temperature, fan speed and voltage levels of certain motherboards, is subject to a boundary condition error that results in a buffer overflow. With a specially crafted request, an attacker can obtain root privileges, resulting in a loss of integrity.
Upgrade to FreeBSD 4.1, or upgrade healthd specifically to the corrected 0.3 port, which has been reported to fix this vulnerability. It is also possible to work around the flaw by deinstalling the healthd port (make deinstall).
The vendor has updated the package without increasing the version number. Be sure your installation is from the latest available package.