This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Hans Ulrich Niedermann reports :
The TWiki search function uses a user-supplied search string to
compose a command line executed by the Perl backtick (``) operator.
The search string is not checked properly for shell metacharacters and
is thus vulnerable to search string containing quotes and shell
IMPACT: An attacker is able to execute arbitrary shell commands with
the privileges of the TWiki process.
See also :
Update the affected package.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true