FreeBSD : ikiwiki -- improper symlink verification vulnerability (31d9fbb4-9d09-11dc-a29d-0016d325a0ed)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The ikiwiki development team reports :

Ikiwiki did not check if path to the srcdir to contained a symlink. If
an attacker had commit access to the directories in the path, they
could change it to a symlink, causing ikiwiki to read and publish
files that were not intended to be published. (But not write to them
due to other checks.)

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 28349 (freebsd_pkg_31d9fbb49d0911dca29d0016d325a0ed.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now