Test Kennung:	1.3.6.1.4.1.25623.1.0.58318
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200706-07 (phprojekt)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200706-07.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200706-07. Vulnerability Insight: Multiple vulnerabilities have been discovered in PHProjekt, allowing for the execution of arbitrary PHP and SQL code, and cross-site scripting attacks. Solution: All PHProjekt users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/phprojekt-5.2.1' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1575 BugTraq ID: 22955 http://www.securityfocus.com/bid/22955 Bugtraq: 20070314 n.runs-SA-2007.003 - PHProjekt 5.2.0 - SQL Injection (Google Search) http://www.securityfocus.com/archive/1/462789/100/0/threaded http://security.gentoo.org/glsa/glsa-200706-07.xml http://www.nruns.com/security_advisory_phprojekt_sql_injection.php http://secunia.com/advisories/24509 http://secunia.com/advisories/25748 http://securityreason.com/securityalert/2466 Common Vulnerability Exposure (CVE) ID: CVE-2007-1576 BugTraq ID: 22957 http://www.securityfocus.com/bid/22957 Bugtraq: 20070314 n.runs-SA-2007.004 - PHProjekt 5.2.0 - Cross Site Scripting and Filter Evasion (Google Search) http://www.securityfocus.com/archive/1/462788/100/0/threaded http://www.nruns.de/security_advisory_phprojekt_xss_and_filter_evasion.php http://osvdb.org/34064 http://osvdb.org/34065 http://osvdb.org/34066 http://osvdb.org/34067 http://osvdb.org/34068 http://osvdb.org/34069 http://securityreason.com/securityalert/2459 Common Vulnerability Exposure (CVE) ID: CVE-2007-1638 Bugtraq: 20070314 n.runs-SA-2007.005 - PHProjekt 5.2.0 - Cross Site Request Forgery (Google Search) http://www.securityfocus.com/archive/1/462786/100/100/threaded http://www.nruns.de/security_advisory_phprojekt_csrf.php http://osvdb.org/35162 http://securityreason.com/securityalert/2477 XForce ISS Database: phprojekt-multiple-modules-csrf(32989) https://exchange.xforce.ibmcloud.com/vulnerabilities/32989 Common Vulnerability Exposure (CVE) ID: CVE-2007-1639 BugTraq ID: 22956 http://www.securityfocus.com/bid/22956 Bugtraq: 20070314 n.runs-SA-2007.006 - PHProjekt 5.2.0 - Privilege escalation (Google Search) http://www.securityfocus.com/archive/1/462785/100/100/threaded http://www.nruns.de/security_advisory_phprojekt_privilege_escalation.php http://osvdb.org/35163 http://securityreason.com/securityalert/2476 XForce ISS Database: phprojekt-calendarfile-file-upload(32995) https://exchange.xforce.ibmcloud.com/vulnerabilities/32995
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.