This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Secunia advisory SA19246 :
Paul Craig has discovered a vulnerability in Horde, which can be
exploited by malicious people to disclose sensitive information. Input
passed to the 'url' parameter in 'services/go.php' isn't properly
verified, before it is used in a 'readfile()' call. This can be
exploited to disclose the content of arbitrary files via e.g. the
'php://' protocol wrapper.
The vulnerability has been confirmed in version 3.0.9 and has also
been reported in prior versions.
Provided and/or discovered by : Paul Craig, Security-Assessment.com.
See also :
Update the affected packages.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 21512 (freebsd_pkg_c7c09579b46611da82d00050bf27ba24.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now