Detections
Analytics

FreeBSD : coppermine -- multiple vulnerabilities (9f581778-e3d4-11dc-bb89-000bcdc1757a)

medium Nessus Plugin ID 31183

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Coppermine Security advisory

The development team is releasing a security update for Coppermine in order to counter a recently discovered cross-site-scripting vulnerability.

Solution

Update the affected package.

See Also

http://forum.coppermine-gallery.net/index.php?topic=48106.0

http://forum.coppermine-gallery.net/index.php?topic=50103.0

http://www.nessus.org/u?c8e9f273

Plugin Details

Severity: Medium

ID: 31183

File Name: freebsd_pkg_9f581778e3d411dcbb89000bcdc1757a.nasl

Version: 1.22

Type: local

Published: 2/26/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:coppermine, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/25/2008

Vulnerability Publication Date: 11/6/2007

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Coppermine Photo Gallery picEditor.php Command Execution)

Reference Information

CVE: CVE-2008-0504, CVE-2008-0505, CVE-2008-0506

CWE: 20, 79, 89

Secunia: 28682