FreeBSD : Axis2 -- XSS (XSS) vulnerability (0baadc45-92d0-11e6-8011-005056925db4)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Apache Axis2 reports :

Apache Axis2 1.7.3 is a security release that contains a fix for
CVE-2010-3981. That security vulnerability affects the admin console
that is part of the Axis2 Web application and was originally reported
for SAP BusinessObjects (which includes a version of Axis2). That
report didn't mention Axis2 at all and the Axis2 project only
recently became aware (thanks to Devesh Bhatt and Nishant Agarwala)
that the issue affects Apache Axis2 as well.

See also :

http://axis.apache.org/axis2/java/core/release-notes/1.7.3.html
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213546
http://www.nessus.org/u?f8164aed

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 94126 ()

Bugtraq ID:

CVE ID: CVE-2010-3981

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now