FreeBSD : magento -- multiple vulnerabilities (ea1d2530-72ce-11e5-a2a1-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Magento, Inc. reports :

SUPEE-6482 - This patch addresses two issues related to APIs and two
cross-site scripting risks.

SUPEE-6285 - This patch provides protection against several types of
security-related issues, including information leaks, request
forgeries, and cross-site scripting.

SUPEE-5994 - This patch addresses multiple security vulnerabilities in
Magento Community Edition software, including issues that can put
customer information at risk.

SUPEE-5344 - Addresses a potential remote code execution exploit.

SUPEE-1533 - Addresses two potential remote code execution exploits.

See also :

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201709
https://www.magentocommerce.com/download
http://www.nessus.org/u?5898cd4d
http://www.nessus.org/u?6be61f5e
http://www.nessus.org/u?7bf33f41

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 86389 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now