ID de Prueba:	1.3.6.1.4.1.25623.1.0.56272
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: phpicalendar
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: phpicalendar CVE-2005-3366 PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie. NOTE: this is not a cross-site scripting (XSS) issue as claimed by the original researcher. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3366 BugTraq ID: 15193 http://www.securityfocus.com/bid/15193 Bugtraq: 20051025 PHP iCalendar CSS (Google Search) http://marc.info/?l=bugtraq&m=113025930517426&w=2 http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0512.html http://www.ush.it/2005/10/25/php-icalendar-css/ http://securitytracker.com/id?1015102 http://secunia.com/advisories/17328/ http://securityreason.com/securityalert/113 http://www.vupen.com/english/advisories/2005/2204 XForce ISS Database: phpicalendar-index-file-include(22864) https://exchange.xforce.ibmcloud.com/vulnerabilities/22864
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.