Detections
Analytics

FreeBSD : Zend Framework -- security issues in bundled Dojo library (8ad1c404-3e78-11df-a5a1-0050568452ac)

high Nessus Plugin ID 45447

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

The Zend Framework team reports :

Several files in the bundled Dojo library were identified as having potential exploits, and the Dojo team also advised disabling or removing any PHP scripts in the Dojo library tree when deploying to production.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?9e6d2114

https://framework.zend.com/security/advisory/ZF2010-07

http://osdir.com/ml/bugtraq.security/2010-03/msg00133.html

https://packetstormsecurity.com/1003-exploits/dojo-xss.txt

http://www.nessus.org/u?baf20fd9

http://www.nessus.org/u?1fc3b198

Plugin Details

Severity: High

ID: 45447

File Name: freebsd_pkg_8ad1c4043e7811dfa5a10050568452ac.nasl

Version: 1.12

Type: local

Published: 4/9/2010

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:zendframework

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/6/2010

Vulnerability Publication Date: 4/1/2010

Reference Information

Secunia: 38964