Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200606-29 (tikiwiki)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57033

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200606-29 (tikiwiki)

Resumen: The remote host is missing updates announced in;advisory GLSA 200606-29.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200606-29.

Vulnerability Insight:
An SQL injection vulnerability and multiple XSS vulnerabilities have been
discovered.

Solution:
All Tikiwiki users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/tikiwiki-1.9.4'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-3048
BugTraq ID: 18421
http://www.securityfocus.com/bid/18421
Bugtraq: 20060613 TikiWiki Sql injection & XSS Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/437017/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200606-29.xml
http://secunia.com/advisories/20648
http://secunia.com/advisories/20850
http://securityreason.com/securityalert/1102
http://www.vupen.com/english/advisories/2006/2349
XForce ISS Database: tikiwiki-unspecified-sql-injection(27146)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27146
Common Vulnerability Exposure (CVE) ID: CVE-2006-3047
XForce ISS Database: tikiwiki-script-errors-xss(27145)
https://exchange.xforce.ibmcloud.com/vulnerabilities/27145

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57033
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200606-29 (tikiwiki)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200606-29.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200606-29. Vulnerability Insight: An SQL injection vulnerability and multiple XSS vulnerabilities have been discovered. Solution: All Tikiwiki users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-apps/tikiwiki-1.9.4' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3048 BugTraq ID: 18421 http://www.securityfocus.com/bid/18421 Bugtraq: 20060613 TikiWiki Sql injection & XSS Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/437017/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200606-29.xml http://secunia.com/advisories/20648 http://secunia.com/advisories/20850 http://securityreason.com/securityalert/1102 http://www.vupen.com/english/advisories/2006/2349 XForce ISS Database: tikiwiki-unspecified-sql-injection(27146) https://exchange.xforce.ibmcloud.com/vulnerabilities/27146 Common Vulnerability Exposure (CVE) ID: CVE-2006-3047 XForce ISS Database: tikiwiki-script-errors-xss(27145) https://exchange.xforce.ibmcloud.com/vulnerabilities/27145
Copyright	Copyright (C) 2008 E-Soft Inc.