FreeBSD : phpbb -- multiple vulnerabilities (326c517a-d029-11d9-9aed-000e0c2e438a)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

phpBB is vulnerable to remote exploitation of an input validation
vulnerability allows attackers to read the contents of arbitrary
system files under the privileges of the webserver. This also allows
remote attackers to unlink arbitrary system files under the privileges
of the webserver.

See also :

http://security.gentoo.org/glsa/glsa-200503-02.xml
http://www.nessus.org/u?8419b7d1
http://www.nessus.org/u?36942621
http://www.nessus.org/u?73c19583

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 5.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 18895 (freebsd_pkg_326c517ad02911d99aed000e0c2e438a.nasl)

Bugtraq ID: 12618
12621
12623

CVE ID: CVE-2005-0258
CVE-2005-0259

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now