FreeBSD : zope -- restructuredText 'csv_table' Information Disclosure (65a8f773-4a37-11db-a4cc-000a48049292)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Secunia reports :

A vulnerability has been reported in Zope, which can be exploited by
malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error in the use of the docutils
module to parse and render 'restructured' text. This can be exploited
to disclose certain information via the 'csv_table' reStructuredText
directive.

See also :

http://www.nessus.org/u?22b00eb4
http://www.nessus.org/u?543544ad

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 22454 (freebsd_pkg_65a8f7734a3711dba4cc000a48049292.nasl)

Bugtraq ID: 20022

CVE ID: CVE-2006-4684

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now