FreeBSD : phppgadmin -- XSS vulnerability (3d0e724e-129b-11dc-9f79-0016179b2dd5)

high Nessus Plugin ID 25425

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

SecurityFocus reports the following about phppgadmin:

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?0b6006a3

http://www.nessus.org/u?3ee5b7a3

Plugin Details

Severity: High

ID: 25425

File Name: freebsd_pkg_3d0e724e129b11dc9f790016179b2dd5.nasl

Version: 1.25

Type: local

Published: 6/5/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:phppgadmin, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/4/2007

Vulnerability Publication Date: 5/27/2007

Reference Information

CVE: CVE-2007-2865, CVE-2007-5728

BID: 24115

CWE: 79

Secunia: 25446