Test ID:	1.3.6.1.4.1.25623.1.0.14823
Category:	Web application abuses
Title:	ViewCVS XSS
Summary:	Checks for the version of ViewCVS
Description:	The remote host seems to be running ViewCVS, an open source CGI written in python designed to access CVS directories using a web interface. The remote version of this software is vulnerable to many cross-site scripting flaws though the script 'viewcvs'. Using a specially crafted URL, an attacker can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system. Solution : Update to the latest version of this software See also: http://viewcvs.sourceforge.net/
Cross-Ref:	BugTraq ID: 4818 Common Vulnerability Exposure (CVE) ID: CVE-2002-0771 Bugtraq: 20020518 cross-site scripting bug of ViewCVS (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html http://online.securityfocus.com/archive/1/273102 http://www.iss.net/security_center/static/9112.php http://www.securityfocus.com/bid/4818
Copyright	This script is Copyright (C) 2004 David Maciejak

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: