ID de Prueba:	1.3.6.1.4.1.25623.1.0.831542
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Update for phpldapadmin MDVSA-2012:020 (phpldapadmin)
Resumen:	The remote host is missing an update for the 'phpldapadmin'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'phpldapadmin' package(s) announced via the referenced advisory. Vulnerability Insight: A vulnerability has been found and corrected in phpldapadmin: Cross-site scripting (XSS) vulnerability in lib/QueryRender.php in phpLDAPadmin 1.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the base parameter in a query_engine action to cmd.php (CVE-2012-0834). The updated packages have been patched to correct this issue. Affected Software/OS: phpldapadmin on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0834 47852 http://secunia.com/advisories/47852 MDVSA-2012:020 http://www.mandriva.com/security/advisories?name=MDVSA-2012:020 [oss-security] 20120202 CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability http://openwall.com/lists/oss-security/2012/02/02/9 [oss-security] 20120203 Re: CVE request: phpldapadmin "base" Cross-Site Scripting Vulnerability http://openwall.com/lists/oss-security/2012/02/03/3 http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin%3Ba=commit%3Bh=7dc8d57d6952fe681cb9e8818df7f103220457bd https://sourceforge.net/tracker/index.php?func=detail&aid=3477910&group_id=61828&atid=498546
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.