|
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.68982 |
Categoría: | Debian Local Security Checks |
Título: | Debian Security Advisory DSA 2146-1 (mydms) |
Resumen: | Debian Security Advisory DSA 2146-1 (mydms) |
Descripción: | Description: The remote host is missing an update to mydms announced via advisory DSA 2146-1. D. Fabian and L. Weichselbaum discovered a directory traversal vulnerability in MyDMS, a open-source document management system based on PHP and MySQL. For the stable distribution (lenny), this problem has been fixed in version 1.7.0-1+lenny1. The testing distribution (squeeze) and the unstable distribution (sid) no longer contain mydms packages. We recommend that you upgrade your mydms packages. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%202146-1 CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-2006 Bugtraq: 20100115 SEC Consult SA-20100115-0 :: Local file inclusion/execution and multiple CSRF vulnerabilities in LetoDMS (formerly MyDMS) (Google Search) http://www.securityfocus.com/archive/1/archive/1/508947/100/0/threaded https://www.sec-consult.com/files/20100115-0_mydms_file_inclusion.txt Debian Security Information: DSA-2146 (Google Search) http://www.debian.org/security/2011/dsa-2146 BugTraq ID: 37828 http://www.securityfocus.com/bid/37828 http://osvdb.org/61834 http://secunia.com/advisories/38237 http://secunia.com/advisories/42900 XForce ISS Database: letodms-oplogin-file-include(55709) https://exchange.xforce.ibmcloud.com/vulnerabilities/55709 |
Copyright | Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com |
Esta es sólo una de 58962 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |
|