FreeBSD : ikiwiki -- cleartext passwords (90db9983-2f53-11dd-a0d8-0016d325a0ed)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The ikiwiki development team reports :

Until version 2.48, ikiwiki stored passwords in cleartext in the
userdb. That risks exposing all users' passwords if the file is
somehow exposed. To pre-emtively guard against that, current versions
of ikiwiki store password hashes (using Eksblowfish).

See also :

http://ikiwiki.info/security/#index32h2
http://www.nessus.org/u?433bfd80

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 32489 (freebsd_pkg_90db99832f5311dda0d80016d325a0ed.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now