FreeBSD : otrs -- Scheduler Process ID File Access (1e7f0c11-673a-11e5-98c8-60a44c524f57)
High Nessus Plugin ID 86198
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe OTRS project reports :
An attacker with valid LOCAL credentials could access and manipulate the process ID file for bin/otrs.schduler.pl from the CLI.
The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a process ID, which allows local users to have an unspecified impact by modifying this file.
SolutionUpdate the affected packages.