FreeBSD : jenkins -- multiple vulnerabilities (631c4710-9be5-4a80-9310-eb2847fe24dd)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Jenkins Security Advisory :

- SECURITY-412 through SECURITY-420 / CVE-2017-1000356 CSRF: Multiple vulnerabilities
- SECURITY-429 / CVE-2017-1000353 CLI: Unauthenticated remote code execution
- SECURITY-466 / CVE-2017-1000354 CLI: Login command allowed impersonating any Jenkins user
- SECURITY-503 / CVE-2017-1000355 XStream: Java crash when trying to instantiate void/Void

See also :

https://jenkins.io/security/advisory/2017-04-26/
http://www.nessus.org/u?a8fa60d3

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 99698

Bugtraq ID:

CVE ID: CVE-2017-1000353
CVE-2017-1000354
CVE-2017-1000355
CVE-2017-1000356
