FreeBSD : trac -- XSS vulnerability (e546c7ce-ce46-11db-bc24-0016179b2dd5)

High Nessus Plugin ID 24799


The remote FreeBSD host is missing one or more security-related updates.


Secunia reports :

The vulnerability is caused due to an error within the 'download wiki page as text' function, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation may require that the victim uses IE.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 24799

File Name: freebsd_pkg_e546c7cece4611dbbc240016179b2dd5.nasl

Version: $Revision: 1.11 $

Type: local

Published: 2007/03/12

Modified: 2014/08/14

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ja-trac, p-cpe:/a:freebsd:freebsd:trac, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2007/03/09

Vulnerability Publication Date: 2007/03/09

Reference Information

Secunia: 24470