FreeBSD : mail/sympa* -- Multiple vulnerabilities in Sympa archive management (de6d8290-aef7-11e1-898f-14dae938ec40)
High Nessus Plugin ID 59382
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionDavid Verdin reports :
Multiple vulnerabilities have been discovered in Sympa archive management that allow to skip the scenario-based authorization mechanisms.
This vulnerability allows the attacker to :
- display the archives management page ('arc_manage')
- download the list's archives
- delete the list's archives
SolutionUpdate the affected packages.