 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.100183 |
| Kategorie: | Web Servers |
| Titel: | Jetty Cross Site Scripting and Information Disclosure Vulnerabilities |
| Zusammenfassung: | Jetty is prone to a cross-site scripting vulnerability and an; information disclosure vulnerability. |
| Beschreibung: | Summary: Jetty is prone to a cross-site scripting vulnerability and an information disclosure vulnerability. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information. Affected Software/OS: Jetty through version 5.1.14, version 6.0.0 through 6.1.16 and version 7.0.0 through 7.0.0.M are affected. Solution: The vendor has released an update. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-1523 BugTraq ID: 34800 http://www.securityfocus.com/bid/34800 BugTraq ID: 35675 http://www.securityfocus.com/bid/35675 CERT/CC vulnerability note: VU#402580 http://www.kb.cert.org/vuls/id/402580 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.html HPdes Security Advisory: HPSBMA02553 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388 HPdes Security Advisory: SSRT100184 http://www.securitytracker.com/id?1022563 http://secunia.com/advisories/34975 http://secunia.com/advisories/35143 http://secunia.com/advisories/35225 http://secunia.com/advisories/35776 http://secunia.com/advisories/40553 http://www.vupen.com/english/advisories/2009/1900 http://www.vupen.com/english/advisories/2010/1792 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |