ID de Prueba:	1.3.6.1.4.1.25623.1.0.54425
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: egroupware
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: egroupware CVE-2005-1202 Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote attackers to inject arbitrary web script or HTML via the (1) ab_id, (2) page, (3) type, or (4) lang parameter to index.php or (5) category_id parameter. CVE-2005-1203 Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote attackers to execute arbitrary SQL commands via the (1) filter or (2) cats_app parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1202 BugTraq ID: 13212 http://www.securityfocus.com/bid/13212 Bugtraq: 20050420 Multiple eGroupware Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=111401760125555&w=2 http://security.gentoo.org/glsa/glsa-200504-24.xml http://www.gulftech.org/?node=research&article_id=00069-04202005 http://www.osvdb.org/15751 http://secunia.com/advisories/14982 Common Vulnerability Exposure (CVE) ID: CVE-2005-1203 http://www.osvdb.org/15753
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.