Test Kennung:	1.3.6.1.4.1.25623.1.0.52306
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: ja-squirrelmail
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: ja-squirrelmail, squirrelmail CVE-2004-1036: Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail allows remote attackers to execute arbitrary web script or HTML. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1036 http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html Bugtraq: 20041110 [SquirrelMail Security Advisory] Cross Site Scripting in encoded text (Google Search) http://marc.info/?l=bugtraq&m=110012133608004&w=2 Conectiva Linux advisory: CLA-2004:905 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000905 http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9592 XForce ISS Database: squirrelmail-mime-xss(18031) https://exchange.xforce.ibmcloud.com/vulnerabilities/18031
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.