FreeBSD : foreman-proxy SSL verification issue (c30c3a2e-4fb1-11e4-b275-14dae9d210b8)

High Nessus Plugin ID 78114


The remote FreeBSD host is missing a security-related update.


Foreman Security reports:

The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, or performing any verification of an SSL client certificate. This permits any client with access to the API to make requests and perform actions (permitting control of Puppet CA, DHCP, DNS etc.)


Update the affected package.

See Also

!topic/foreman-announce/LcjZx25Bl7U

Plugin Details

Severity: High

ID: 78114

File Name: freebsd_pkg_c30c3a2e4fb111e4b27514dae9d210b8.nasl

Version: $Revision: 1.2 $

Type: local

Published: 2014/10/10

Modified: 2015/03/11

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:foreman-proxy, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/10/09

Vulnerability Publication Date: 2014/05/09

Reference Information

CVE: CVE-2014-3691