FreeBSD : jenkins -- multiple vulnerabilities (23af0425-9eac-11e5-b937-00e0814cab4e)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Jenkins Security Advisory:

SECURITY-95 / CVE-2015-7536 (Stored XSS vulnerability through workspace
files and archived artifacts): In certain configurations, low-privilege
users were able to create e.g. HTML files in workspaces and archived
artifacts that could result in XSS when accessed by other users. Jenkins
now sends Content-Security-Policy headers that enable sandboxing and
prohibit script execution by default.

SECURITY-225 / CVE-2015-7537 (CSRF vulnerability in some administrative
actions): Several administration/configuration related URLs could be
accessed using GET, which allowed attackers to circumvent CSRF
protection.

SECURITY-233 / CVE-2015-7538 (CSRF protection ineffective): Malicious
users were able to circumvent CSRF protection on any URL by sending
specially crafted POST requests.

SECURITY-234 / CVE-2015-7539 (Jenkins plugin manager vulnerable to MITM
attacks): While the Jenkins update site data is digitally signed, and
the signature verified by Jenkins, Jenkins did not verify the provided
SHA-1 checksums for the plugin files referenced in the update site data.
This enabled MITM attacks on the plugin manager, resulting in
installation of attacker-provided plugins.
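The missing check behind SECURITY-234 is a checksum comparison between the plugin archive actually downloaded and the SHA-1 declared in the signature-verified update-site data. The following is an added example written for this page, not Jenkins code; the plugin bytes and update-site record are constructed, and the base64 encoding of the "sha1" field is an assumption about the metadata format.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample plugin archive and update-site record (not real Jenkins
# data). The update-site metadata is assumed to carry a base64-encoded SHA-1
# per plugin under the "sha1" key.
PLUGIN_BYTES = b"PK\x03\x04 constructed-plugin-archive-bytes"
UPDATE_SITE_JSON = json.dumps({
    "plugins": {
        "example-plugin": {
            "version": "1.0",
            "url": "https://updates.example.invalid/example-plugin.hpi",
            "sha1": base64.b64encode(hashlib.sha1(PLUGIN_BYTES).digest()).decode(),
        }
    }
})


def expected_sha1(update_site_json: str, plugin_name: str) -> bytes:
    """Return the SHA-1 digest the (signature-verified) update-site data declares."""
    plugins = json.loads(update_site_json)["plugins"]
    if plugin_name not in plugins:
        raise KeyError(f"plugin {plugin_name!r} not present in update-site data")
    return base64.b64decode(plugins[plugin_name]["sha1"])


def verify_plugin(update_site_json: str, plugin_name: str, downloaded: bytes) -> bool:
    """True only if the downloaded archive hashes to the declared checksum.

    The metadata being signed says nothing about the bytes fetched from the URL
    inside it; without this comparison a man-in-the-middle can swap the archive.
    """
    actual = hashlib.sha1(downloaded).digest()
    # Constant-time comparison; on mismatch the download must be discarded.
    return hmac.compare_digest(actual, expected_sha1(update_site_json, plugin_name))


if __name__ == "__main__":
    print(verify_plugin(UPDATE_SITE_JSON, "example-plugin", PLUGIN_BYTES))        # True
    print(verify_plugin(UPDATE_SITE_JSON, "example-plugin", PLUGIN_BYTES + b"x"))  # False
```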

See also :

http://www.nessus.org/u?7ce23a1d
http://www.nessus.org/u?6d8ffe07

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 87292

CVE ID: CVE-2015-7536, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539
