This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
According to a Debian Security Advisory :
Andres Salomon noticed a problem in the CGI session management of
Ruby, an object-oriented scripting language. CGI::Session's FileStore
(and presumably PStore [...]) implementations store session
information insecurely. They simply create files, ignoring permission
issues. This can lead an attacker who has also shell access to the
webserver to take over a session.
See also :
Update the affected packages.
Risk factor :
Low / CVSS Base Score : 2.1