This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
The Debian security team reports :
It was discovered that mahara, an electronic portfolio, weblog, and
resume builder is not properly escaping input when generating a unique
username based on a remote user name from a single sign-on
application. An attacker can use this to compromise the mahara
database via crafted user names.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true