ID de Prueba:	1.3.6.1.4.1.25623.1.0.120465
Categoría:	Amazon Linux Local Security Checks
Título:	Amazon Linux: Security Advisory (ALAS-2013-268)
Resumen:	The remote host is missing an update for the 'ganglia' package(s) announced via the ALAS-2013-268 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ganglia' package(s) announced via the ALAS-2013-268 advisory. Vulnerability Insight: Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php. Affected Software/OS: 'ganglia' package(s) on Amazon Linux. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6395 100380 http://osvdb.org/100380 55854 http://secunia.com/advisories/55854 [oss-security] 20131126 Re: CVE request: XSS flaw in Ganglia web interface http://seclists.org/oss-sec/2013/q4/346 gangliaweb-cve20136395-xss(89272) https://exchange.xforce.ibmcloud.com/vulnerabilities/89272 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730507 http://www.rusty-ice.de/advisory/advisory_2013002.txt https://github.com/ganglia/ganglia-web/issues/218
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.