FreeBSD : coppermine -- multiple vulnerabilities (9f581778-e3d4-11dc-bb89-000bcdc1757a)

Medium Nessus Plugin ID 31183


The remote FreeBSD host is missing a security-related update.


Coppermine Security advisory

The development team is releasing a security update for Coppermine in order to counter a recently discovered cross-site-scripting vulnerability.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 31183

File Name: freebsd_pkg_9f581778e3d411dcbb89000bcdc1757a.nasl

Version: $Revision: 1.18 $

Type: local

Published: 2008/02/26

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:coppermine, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2008/02/25

Vulnerability Publication Date: 2007/11/06

Exploitable With


Core Impact

Metasploit (Coppermine Photo Gallery picEditor.php Command Execution)

Reference Information

CVE: CVE-2008-0504, CVE-2008-0505, CVE-2008-0506

Secunia: 28682

CWE: 20, 79, 89