This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
A Bugzilla Security Advisory reports :
Any user can change any flag on any bug, even if they don't have
access to that bug, or even if they can't normally make bug changes.
This also allows them to expose the summary of a bug.
Bugs are inserted into the database before they are marked as private,
in Bugzilla code. Thus, MySQL replication can lag in between the time
that the bug is inserted and when it is marked as private (usually
less than a second). If replication lags at this point, the bug
summary will be accessible to all users until replication catches up.
Also, on a very slow machine, there may be a pause longer than a
second that allows users to see the title of the newly-filed bug.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 18976 (freebsd_pkg_6e33f4abefed11d983100001020eed82.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now