FreeBSD : mediawiki -- Clickjacking vulnerabilities (e177c410-1943-11e0-9d1c-000c29ba66d2)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Clickjacking vulnerabilities :

Clickjacking is a type of vulnerability discovered in 2008, which is
similar to CSRF. The attack involves displaying the target webpage in
a iframe embedded in a malicious website. Using CSS, the submit button
of the form on the targeit webpage is made invisible, and then
overlaid with some button or link on the malicious website that
encourages the user to click on it.

See also :

https://bugzilla.wikimedia.org/show_bug.cgi?id=26561
http://www.nessus.org/u?dac421ee

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 51420 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now