FreeBSD Local Security Checks : FreeBSD Ports: dokuwiki

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.71270

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: dokuwiki

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: dokuwiki

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-2128
BugTraq ID: 53041
http://www.securityfocus.com/bid/53041
Bugtraq: 20120417 DokuWiki Ver.2012/01/25 CSRF Add User Exploit (Google Search)
http://seclists.org/bugtraq/2012/Apr/121
http://bugs.dokuwiki.org/index.php?do=details&task_id=2488
http://ircrash.com/uploads/dokuwiki.txt
https://bugzilla.redhat.com/show_bug.cgi?id=815122
http://www.openwall.com/lists/oss-security/2012/04/22/4
http://www.openwall.com/lists/oss-security/2012/04/23/1
http://secunia.com/advisories/48848
XForce ISS Database: dokuwiki-doku-xss(74907)
https://exchange.xforce.ibmcloud.com/vulnerabilities/74907
Common Vulnerability Exposure (CVE) ID: CVE-2012-2129
20120417 DokuWiki Ver.2012/01/25 CSRF Add User Exploit
48848
53041
[oss-security] 20120422 CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data
[oss-security] 20120422 Re: CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data
dokuwiki-doku-xss(74907)
http://bugs.dokuwiki.org/index.php?do=details&task_id=2487
https://bugs.gentoo.org/show_bug.cgi?id=412891
https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26

Copyright Copyright (C) 2012 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.71270
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: dokuwiki
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: dokuwiki Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2128 BugTraq ID: 53041 http://www.securityfocus.com/bid/53041 Bugtraq: 20120417 DokuWiki Ver.2012/01/25 CSRF Add User Exploit (Google Search) http://seclists.org/bugtraq/2012/Apr/121 http://bugs.dokuwiki.org/index.php?do=details&task_id=2488 http://ircrash.com/uploads/dokuwiki.txt https://bugzilla.redhat.com/show_bug.cgi?id=815122 http://www.openwall.com/lists/oss-security/2012/04/22/4 http://www.openwall.com/lists/oss-security/2012/04/23/1 http://secunia.com/advisories/48848 XForce ISS Database: dokuwiki-doku-xss(74907) https://exchange.xforce.ibmcloud.com/vulnerabilities/74907 Common Vulnerability Exposure (CVE) ID: CVE-2012-2129 20120417 DokuWiki Ver.2012/01/25 CSRF Add User Exploit 48848 53041 [oss-security] 20120422 CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data [oss-security] 20120422 Re: CVE Request -- DokuWiki: XSS and CSRF due improper escaping of 'target' parameter in preprocessing edit form data dokuwiki-doku-xss(74907) http://bugs.dokuwiki.org/index.php?do=details&task_id=2487 https://bugs.gentoo.org/show_bug.cgi?id=412891 https://github.com/splitbrain/dokuwiki/commit/ff71173477e54774b5571015d49d944f51cb8a26
Copyright	Copyright (C) 2012 E-Soft Inc.