Test Kennung:	1.3.6.1.4.1.25623.1.0.63359
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: phplist
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phplist CVE-2009-0422 Dynamic variable evaluation vulnerability in lists/admin.php in phpList 2.10.8 and earlier, when register_globals is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _SERVER[ConfigFile] parameter to admin/index.php. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0422 Bugtraq: 20090114 phpList <= 2.10.8 Local File inclusion (Google Search) http://www.securityfocus.com/archive/1/500057/100/0/threaded https://www.exploit-db.com/exploits/7778 http://www.bugreport.ir/index_60.htm http://secunia.com/advisories/33533 XForce ISS Database: phplist-indexphp-file-include(47945) https://exchange.xforce.ibmcloud.com/vulnerabilities/47945
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.