FreeBSD : mail/sympa* -- Multiple vulnerabilities in Sympa archive management (de6d8290-aef7-11e1-898f-14dae938ec40)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

David Verdin reports :

Multiple vulnerabilities have been discovered in Sympa archive
management that allow to skip the scenario-based authorization
mechanisms.

This vulnerability allows the attacker to :

- display the archives management page ('arc_manage')

- download the list's archives

- delete the list's archives

See also :

http://www.nessus.org/u?5626caef
http://www.nessus.org/u?5116be22

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 59382 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now