Test Kennung:	1.3.6.1.4.1.25623.1.0.56643
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: phpwebftp
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phpwebftp CVE-2006-1812 phpWebFTP 3.2 and earlier stores script.js under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. CVE-2006-1813 Directory traversal vulnerability in index.php in phpWebFTP 3.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the language parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1812 BugTraq ID: 17557 http://www.securityfocus.com/bid/17557 Bugtraq: 20060417 PhpWebFTP 3.2 Login Script (Google Search) http://www.securityfocus.com/archive/1/431115/100/0/threaded http://secunia.com/advisories/19706 XForce ISS Database: phpwebftp-scriptjs-obtain-information(25921) https://exchange.xforce.ibmcloud.com/vulnerabilities/25921 Common Vulnerability Exposure (CVE) ID: CVE-2006-1813 http://securityreason.com/securityalert/723 http://www.vupen.com/english/advisories/2006/1388 XForce ISS Database: phpwebftp-index-directory-traversal(25920) https://exchange.xforce.ibmcloud.com/vulnerabilities/25920
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.