FreeBSD : phpList -- SQL injection and XSS vulnerability (fd8bac56-c444-11e1-864b-001cc0877741)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Zero Science Lab reports :

Input passed via the parameter 'sortby' is not properly sanitised
before being returned to the user or used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.
The param 'num' is vulnerable to a XSS issue where the attacker can
execute arbitrary HTML and script code in a user's browser session in
context of an affected site.

See also :

https://www.phplist.com/?lid=567
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5081.php
http://www.nessus.org/u?9de59214

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 59828 ()

Bugtraq ID: 52657

CVE ID: CVE-2012-2740
CVE-2012-2741

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now