FreeBSD : ikiwiki -- cleartext passwords (90db9983-2f53-11dd-a0d8-0016d325a0ed)
High Nessus Plugin ID 32489
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe ikiwiki development team reports :
Until version 2.48, ikiwiki stored passwords in cleartext in the userdb. That risks exposing all users' passwords if the file is somehow exposed. To pre-emtively guard against that, current versions of ikiwiki store password hashes (using Eksblowfish).
SolutionUpdate the affected package.