Detections
Analytics

FreeBSD : dokuwiki -- multiple vulnerabilities (23573650-f99a-11da-994e-00142a5f241c)

high Nessus Plugin ID 21701

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Multiple vulnerabilities have been reported within dokuwiki. dokuwiki is proven vulnerable to :

- arbitrary PHP code insertion via spellcheck module,

- XSS attack via 'Update your account profile,'

- bypassing of ACL controls when enabled.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?cdfb0f4c

http://www.nessus.org/u?66dced9d

http://www.nessus.org/u?4d8cb514

http://www.nessus.org/u?0924c56a

Plugin Details

Severity: High

ID: 21701

File Name: freebsd_pkg_23573650f99a11da994e00142a5f241c.nasl

Version: 1.14

Type: local

Published: 6/16/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:dokuwiki, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/11/2006

Vulnerability Publication Date: 5/31/2006