FreeBSD : sql-ledger -- security bypass vulnerability (8e02441d-d39c-11db-a6da-0003476f14d3)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Chris Travers reports :

George Theall of Tenable Security notified the LedgerSMB core team
today of an authentication bypass vulnerability allowing full access
to the administrator interface of LedgerSMB 1.1 and SQL-Ledger 2.x.
The problem is caused by the password checking routine failing to
enforce a password check under certain circumstances. The user can
then create accounts or effect denial of service attacks.

This is not related to any previous CVE.

We have coordinated with the SQL-Ledger vendor and today both of us
released security patches correcting the problem. SQL-Ledger users who
can upgrade to 2.6.26 should do so, and LedgerSMB 1.1 or 1.0 users
should upgrade to 1.1.9. Users who cannot upgrade should configure
their web servers to use http authentication for the admin.pl script
in the main root directory.

See also :

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=110350
http://www.securityfocus.com/archive/1/462375
http://www.nessus.org/u?143ac259

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 24838 (freebsd_pkg_8e02441dd39c11dba6da0003476f14d3.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now