This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Two security vulnerabilities were discovered :
Noncompliant CSS parsing behaviour in Internet Explorer allows
attackers to construct CSS strings which are treated as safe by
previous versions of MediaWiki, but are decoded to unsafe strings by
A CSRF vulnerability was discovered in our login interface. Although
regular logins are protected as of 1.15.3, it was discovered that the
account creation and password reset reset features were not protected
from CSRF. This could lead to unauthorised access to private wikis.
See also :
Update the affected package.
Risk factor :
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 46767 (freebsd_pkg_fc55e3966deb11df8b8e000c29ba66d2.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now