Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200812-20 (phpcollab)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63035

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200812-20 (phpcollab)

Resumen: The remote host is missing updates announced in;advisory GLSA 200812-20.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200812-20.

Vulnerability Insight:
Multiple vulnerabilities have been discovered in phpCollab allowing for
remote injection of shell commands, PHP code and SQL statements.

Solution:
phpCollab has been removed from the Portage tree. We recommend that users
unmerge phpCollab:

# emerge --unmerge 'www-apps/phpcollab'

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-1495
BugTraq ID: 17283
http://www.securityfocus.com/bid/17283
BugTraq ID: 17286
http://www.securityfocus.com/bid/17286
https://www.exploit-db.com/exploits/1617
http://security.gentoo.org/glsa/glsa-200812-20.xml
http://downloads.securityfocus.com/vulnerabilities/exploits/PHPCollab_NetOffice_SQLINJ.php
http://www.osvdb.org/24226
http://www.osvdb.org/24230
http://secunia.com/advisories/19449
http://secunia.com/advisories/19452
http://secunia.com/advisories/33258
http://www.vupen.com/english/advisories/2006/1141
http://www.vupen.com/english/advisories/2006/1142
XForce ISS Database: netoffice-sendpassword-sql-injection(25503)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25503
XForce ISS Database: phpcollab-sendpassword-sql-injection(25505)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25505
Common Vulnerability Exposure (CVE) ID: CVE-2008-4303
BugTraq ID: 32964
http://www.securityfocus.com/bid/32964
XForce ISS Database: phpcollab-login-sql-injection(47520)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47520
Common Vulnerability Exposure (CVE) ID: CVE-2008-4304
XForce ISS Database: phpcollab-login-command-execution(47522)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47522
Common Vulnerability Exposure (CVE) ID: CVE-2008-4305
XForce ISS Database: phpcollab-settings-code-execution(47521)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47521

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63035
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200812-20 (phpcollab)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200812-20.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200812-20. Vulnerability Insight: Multiple vulnerabilities have been discovered in phpCollab allowing for remote injection of shell commands, PHP code and SQL statements. Solution: phpCollab has been removed from the Portage tree. We recommend that users unmerge phpCollab: # emerge --unmerge 'www-apps/phpcollab' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-1495 BugTraq ID: 17283 http://www.securityfocus.com/bid/17283 BugTraq ID: 17286 http://www.securityfocus.com/bid/17286 https://www.exploit-db.com/exploits/1617 http://security.gentoo.org/glsa/glsa-200812-20.xml http://downloads.securityfocus.com/vulnerabilities/exploits/PHPCollab_NetOffice_SQLINJ.php http://www.osvdb.org/24226 http://www.osvdb.org/24230 http://secunia.com/advisories/19449 http://secunia.com/advisories/19452 http://secunia.com/advisories/33258 http://www.vupen.com/english/advisories/2006/1141 http://www.vupen.com/english/advisories/2006/1142 XForce ISS Database: netoffice-sendpassword-sql-injection(25503) https://exchange.xforce.ibmcloud.com/vulnerabilities/25503 XForce ISS Database: phpcollab-sendpassword-sql-injection(25505) https://exchange.xforce.ibmcloud.com/vulnerabilities/25505 Common Vulnerability Exposure (CVE) ID: CVE-2008-4303 BugTraq ID: 32964 http://www.securityfocus.com/bid/32964 XForce ISS Database: phpcollab-login-sql-injection(47520) https://exchange.xforce.ibmcloud.com/vulnerabilities/47520 Common Vulnerability Exposure (CVE) ID: CVE-2008-4304 XForce ISS Database: phpcollab-login-command-execution(47522) https://exchange.xforce.ibmcloud.com/vulnerabilities/47522 Common Vulnerability Exposure (CVE) ID: CVE-2008-4305 XForce ISS Database: phpcollab-settings-code-execution(47521) https://exchange.xforce.ibmcloud.com/vulnerabilities/47521
Copyright	Copyright (C) 2008 E-Soft Inc.