FreeBSD : Axis2 -- XSS (XSS) vulnerability (0baadc45-92d0-11e6-8011-005056925db4)

Medium Nessus Plugin ID 94126


The remote FreeBSD host is missing a security-related update.


Apache Axis2 reports :

Apache Axis2 1.7.3 is a security release that contains a fix for CVE-2010-3981. That security vulnerability affects the admin console that is part of the Axis2 Web application and was originally reported for SAP BusinessObjects (which includes a version of Axis2). That report didn't mention Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant Agarwala) that the issue affects Apache Axis2 as well.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 94126

File Name: freebsd_pkg_0baadc4592d011e68011005056925db4.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2016/10/19

Modified: 2016/10/19

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:axis2, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2016/10/18

Vulnerability Publication Date: 2010/10/18

Reference Information

CVE: CVE-2010-3981