FreeBSD : ikiwiki -- cleartext passwords (90db9983-2f53-11dd-a0d8-0016d325a0ed)

High Nessus Plugin ID 32489


The remote FreeBSD host is missing a security-related update.


The ikiwiki development team reports :

Until version 2.48, ikiwiki stored passwords in cleartext in the userdb. That risks exposing all users' passwords if the file is somehow exposed. To pre-emtively guard against that, current versions of ikiwiki store password hashes (using Eksblowfish).


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 32489

File Name: freebsd_pkg_90db99832f5311dda0d80016d325a0ed.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2008/06/02

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ikiwiki, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2008/06/01

Vulnerability Publication Date: 2008/05/30