FreeBSD : ikiwiki -- tty hijacking via ikiwiki-mass-rebuild (3145faf1-974c-11e0-869e-000c29249b2e)

High Nessus Plugin ID 55157


The remote FreeBSD host is missing a security-related update.


The IkiWiki development team reports :

Ludwig Nussel discovered a way for users to hijack root's tty when ikiwiki-mass-rebuild was run. Additionally, there was some potential for information disclosure via symlinks.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 55157

File Name: freebsd_pkg_3145faf1974c11e0869e000c29249b2e.nasl

Version: $Revision: 1.4 $

Type: local

Published: 2011/06/16

Modified: 2013/06/21

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ikiwiki, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2011/06/15

Vulnerability Publication Date: 2011/06/08

Reference Information

CVE: CVE-2011-1408