This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-201612-50
(Openfire: Multiple vulnerabilities)
Multiple vulnerabilities have been discovered in Openfire. Please review
the CVE identifiers referenced below for details.
A remote attacker could bypass the CSRF protection mechanism, conduct
Cross-Site Scripting attacks, or an authenticated remote attacker could
gain privileges while accessing Openfire’s web interface.
There is no known workaround at this time.
See also :
All Openfire users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/openfire-4.1.0'
Risk factor :
Medium / CVSS Base Score : 6.8