 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.100183 |
| Categoría: | Web Servers |
| Título: | Jetty Cross Site Scripting and Information Disclosure Vulnerabilities |
| Resumen: | Jetty is prone to a cross-site scripting vulnerability and an; information disclosure vulnerability. |
| Descripción: | Summary: Jetty is prone to a cross-site scripting vulnerability and an information disclosure vulnerability. Vulnerability Impact: An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information. Affected Software/OS: Jetty through version 5.1.14, version 6.0.0 through 6.1.16 and version 7.0.0 through 7.0.0.M are affected. Solution: The vendor has released an update. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-1523 BugTraq ID: 34800 http://www.securityfocus.com/bid/34800 BugTraq ID: 35675 http://www.securityfocus.com/bid/35675 CERT/CC vulnerability note: VU#402580 http://www.kb.cert.org/vuls/id/402580 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01257.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01259.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01262.html HPdes Security Advisory: HPSBMA02553 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388 HPdes Security Advisory: SSRT100184 http://www.securitytracker.com/id?1022563 http://secunia.com/advisories/34975 http://secunia.com/advisories/35143 http://secunia.com/advisories/35225 http://secunia.com/advisories/35776 http://secunia.com/advisories/40553 http://www.vupen.com/english/advisories/2009/1900 http://www.vupen.com/english/advisories/2010/1792 |
| Copyright | Copyright (C) 2009 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |