FreeBSD : extman -- password bypass vulnerability (44c8694a-12f9-11dd-9b26-001c2514716c)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Extmail team reports :

Emergency update #4 fixes a serious security vulnerability.

Successful exploit of this vulnerability would allow attacker to
change user's password without knowing it by using specifically
crafted HTTP request.

See also :

http://www.extmail.org/forum/thread-7260-1-1.html
http://www.nessus.org/u?b0498b83

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 32062 (freebsd_pkg_44c8694a12f911dd9b26001c2514716c.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now