This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
Dokuwiki reports :
This security update fixes problems in the XMLRPC interface where ACLs
where not checked correctly sometimes, making it possible to access
and write information that should not have been accessible/writable.
This only affects users who have enabled the XMLRPC interface (default
is off) and have enabled XMLRPC access for users who can't
access/write all content anyway (default is nobody, see
http://www.dokuwiki.org/config:xmlrpcuser for details).
This update also includes a fix for a problem in the general ACL
checking function that could be exploited to gain access to restricted
pages and media files in rare conditions (when you had rights for an
id you could get the same rights on ids where one character has been
replaced by a '.').
See also :
Update the affected package.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now