| |||||||||||||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.100334 |
| Kategorie: | Web application abuses |
| Titel: | Mahara Multiple vulnerabilities |
| Zusammenfassung: | Determine if Mahara is prone to Multiple Vulnerabilities |
| Beschreibung: | Overview: Mahara is prone to a security-bypass vulnerability and to a to a cross-site scripting vulnerability. An attacker can exploit this issue to reset the application's administrator password or to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Versions prior to Mahara 1.0.13 and 1.1.7 are affected. Solution: The vendor has released updates. Please see the references for details. References: http://www.securityfocus.com/bid/36893 http://www.securityfocus.com/bid/36892 http://wiki.mahara.org/Release_Notes/1.1.7 http://mahara.org/ http://mahara.org/interaction/forum/topic.php?id=1169 http://mahara.org/interaction/forum/topic.php?id=1170 |
| Querverweis: |
BugTraq ID: 36893 BugTraq ID: 36892 Common Vulnerability Exposure (CVE) ID: CVE-2009-3298 Debian Security Information: DSA-1924 (Google Search) http://www.debian.org/security/2009/dsa-1924 http://www.securityfocus.com/bid/36893 http://www.osvdb.org/59584 http://secunia.com/advisories/37217 http://secunia.com/advisories/37218 http://www.vupen.com/english/advisories/2009/3101 Common Vulnerability Exposure (CVE) ID: CVE-2009-3299 http://www.securityfocus.com/bid/36892 http://www.osvdb.org/59583 |
| Copyright | This script is Copyright (C) 2009 Greenbone Networks GmbH |
| Dies ist nur einer von 32582 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |
|
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde | Whois
© 1998-2013 E-Soft Inc. Alle Rechte vorbehalten.