FreeBSD : pear-Horde_Image -- DoS vulnerability (00e4050b-56c1-11e7-8e66-08606e46faad)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Michael J Rubinsky reports :

The second vulnerability (CVE-2017-9773) is a DOS vulnerability. This
only affects Horde installations that do not have a configured image
handling backend, and thus use the 'Null' image driver. It is
exploitable by a logged in user clicking on a maliciously crafted URL.

See also :

https://lists.horde.org/archives/announce/2017/001234.html
http://www.nessus.org/u?14546852

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 100974 ()

Bugtraq ID:

CVE ID: CVE-2017-9773

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now