This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201707-11
(RoundCube: Security bypass)
Authenticated users can arbitrarily reset passwords due to a problem
caused by an improperly restricted exec call in the virtualmin and sasl
drivers of the password plugin.
Authenticated users can bypass security restrictions and elevate
There is no known workaround at this time.
See also :
All RoundCube users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=mail-client/roundcube-1.2.5'
Risk factor :
Medium / CVSS Base Score : 6.5