FreeBSD : sympa -- Multiple Security Bypass Vulnerabilities (78c39232-a345-11e1-9d81-d0df9acfd7e5)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Secunia team reports :

Multiple vulnerabilities have been reported in Sympa, which can be
exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to the application allowing access
to archive functions without checking credentials. This can be
exploited to create, download, and delete an archive.

See also :

http://www.nessus.org/u?210a586f

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 59220 ()

Bugtraq ID:

CVE ID: CVE-2012-2352

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now