FreeBSD : Joomla! -- multiple vulnerabilities (c0ef061a-c7f0-11e6-ae1b-002590263bf5)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

The JSST and the Joomla! Security Center report : [20151206] - Core -
Session Hardening The Joomla Security Strike team has been following
up on the critical security vulnerability patched last week. Since the
recent update it has become clear that the root cause is a bug in PHP
itself. This was fixed by PHP in September of 2015 with the releases
of PHP 5.4.45, 5.5.29, 5.6.13 (Note that this is fixed in all versions
of PHP 7 and has been back-ported in some specific Linux LTS versions
of PHP 5.3). This fixes the bug across all supported PHP versions.
[20151207] - Core - SQL Injection Inadequate filtering of request data
leads to a SQL Injection vulnerability.

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 96061 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now