ID de Prueba:	1.3.6.1.4.1.25623.1.0.56651
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: lifetype
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: lifetype CVE-2006-0146 The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, and (4) Cacti, (5) Xaraya, (6) PHPOpenChat, and (7) MAXdev MD-Pro, and when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL statements via the sql parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0146 BugTraq ID: 16187 http://www.securityfocus.com/bid/16187 Bugtraq: 20060202 Bug for libs in php link directory 2.0 (Google Search) http://www.securityfocus.com/archive/1/423784/100/0/threaded Bugtraq: 20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection (Google Search) http://www.securityfocus.com/archive/1/430448/100/0/threaded Bugtraq: 20070418 MediaBeez Sql query Execution .. Wear isn't ?? :) (Google Search) http://www.securityfocus.com/archive/1/466171/100/0/threaded Debian Security Information: DSA-1029 (Google Search) http://www.debian.org/security/2006/dsa-1029 Debian Security Information: DSA-1030 (Google Search) http://www.debian.org/security/2006/dsa-1030 Debian Security Information: DSA-1031 (Google Search) http://www.debian.org/security/2006/dsa-1031 http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html http://secunia.com/secunia_research/2005-64/advisory/ http://www.osvdb.org/22290 http://secunia.com/advisories/17418 http://secunia.com/advisories/18233 http://secunia.com/advisories/18254 http://secunia.com/advisories/18260 http://secunia.com/advisories/18267 http://secunia.com/advisories/18276 http://secunia.com/advisories/18720 http://secunia.com/advisories/19555 http://secunia.com/advisories/19563 http://secunia.com/advisories/19590 http://secunia.com/advisories/19591 http://secunia.com/advisories/19600 http://secunia.com/advisories/19691 http://secunia.com/advisories/19699 http://secunia.com/advisories/24954 http://securityreason.com/securityalert/713 http://www.vupen.com/english/advisories/2006/0101 http://www.vupen.com/english/advisories/2006/0102 http://www.vupen.com/english/advisories/2006/0103 http://www.vupen.com/english/advisories/2006/0104 http://www.vupen.com/english/advisories/2006/0105 http://www.vupen.com/english/advisories/2006/0370 http://www.vupen.com/english/advisories/2006/0447 http://www.vupen.com/english/advisories/2006/1304 http://www.vupen.com/english/advisories/2006/1305 http://www.vupen.com/english/advisories/2006/1419 XForce ISS Database: adodb-server-command-execution(24051) https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.