FreeBSD : dokuwiki -- multiple privilege escalation vulnerabilities (7580f00e-280c-11e0-b7c8-00215c6a37bb)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Dokuwiki reports :

This security update fixes problems in the XMLRPC interface where ACLs
where not checked correctly sometimes, making it possible to access
and write information that should not have been accessible/writable.
This only affects users who have enabled the XMLRPC interface (default
is off) and have enabled XMLRPC access for users who can't
access/write all content anyway (default is nobody, see for details).

This update also includes a fix for a problem in the general ACL
checking function that could be exploited to gain access to restricted
pages and media files in rare conditions (when you had rights for an
id you could get the same rights on ids where one character has been
replaced by a '.').

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 51666 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now