FreeBSD : OTRS -- Vulnerabilities in OTRS-Core allows read access to any file on local file system (86baa0d4-c997-11e0-8a8e-00151735203a)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

OTRS Security Advisory reports :

- An attacker with valid session and admin permissions could get read
access to any file on the servers local operating system. For this it
would be needed minimum one installed OTRS package.

See also :

http://otrs.org/advisory/OSA-2011-03-en/
http://www.nessus.org/u?90127ee6

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.0
(CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 55914 ()

Bugtraq ID:

CVE ID: CVE-2011-2746

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now