FreeBSD : PivotX -- Remote File Inclusion Vulnerability of TimThumb (e454ca2f-f88d-11e0-b566-00163e01a509)
High Nessus Plugin ID 56528
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe PivotX team reports :
TimThumb domain name security bypass and insecure cache handling.
PivotX before 2.3.0 includes a vulnerable version of TimThumb.
If you are still running PivotX 2.2.6, you might be vulnerable to a security exploit, that was patched previously. Version 2.3.0 doesn't have this issue, but any older version of PivotX might be vulnerable.
SolutionUpdate the affected package.