Test ID:	1.3.6.1.4.1.25623.1.0.56651
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: lifetype
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: lifetype CVE-2006-0146 The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, and (4) Cacti, (5) Xaraya, (6) PHPOpenChat, and (7) MAXdev MD-Pro, and when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL statements via the sql parameter. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0146 BugTraq ID: 16187 http://www.securityfocus.com/bid/16187 Bugtraq: 20060202 Bug for libs in php link directory 2.0 (Google Search) http://www.securityfocus.com/archive/1/423784/100/0/threaded Bugtraq: 20060409 PhpOpenChat 3.0.x ADODB Server.php "sql" SQL injection (Google Search) http://www.securityfocus.com/archive/1/430448/100/0/threaded Bugtraq: 20070418 MediaBeez Sql query Execution .. Wear isn't ?? :) (Google Search) http://www.securityfocus.com/archive/1/466171/100/0/threaded Debian Security Information: DSA-1029 (Google Search) http://www.debian.org/security/2006/dsa-1029 Debian Security Information: DSA-1030 (Google Search) http://www.debian.org/security/2006/dsa-1030 Debian Security Information: DSA-1031 (Google Search) http://www.debian.org/security/2006/dsa-1031 http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html http://secunia.com/secunia_research/2005-64/advisory/ http://www.osvdb.org/22290 http://secunia.com/advisories/17418 http://secunia.com/advisories/18233 http://secunia.com/advisories/18254 http://secunia.com/advisories/18260 http://secunia.com/advisories/18267 http://secunia.com/advisories/18276 http://secunia.com/advisories/18720 http://secunia.com/advisories/19555 http://secunia.com/advisories/19563 http://secunia.com/advisories/19590 http://secunia.com/advisories/19591 http://secunia.com/advisories/19600 http://secunia.com/advisories/19691 http://secunia.com/advisories/19699 http://secunia.com/advisories/24954 http://securityreason.com/securityalert/713 http://www.vupen.com/english/advisories/2006/0101 http://www.vupen.com/english/advisories/2006/0102 http://www.vupen.com/english/advisories/2006/0103 http://www.vupen.com/english/advisories/2006/0104 http://www.vupen.com/english/advisories/2006/0105 http://www.vupen.com/english/advisories/2006/0370 http://www.vupen.com/english/advisories/2006/0447 http://www.vupen.com/english/advisories/2006/1304 http://www.vupen.com/english/advisories/2006/1305 http://www.vupen.com/english/advisories/2006/1419 XForce ISS Database: adodb-server-command-execution(24051) https://exchange.xforce.ibmcloud.com/vulnerabilities/24051
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.