 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.123977 |
| Category: | Oracle Linux Local Security Checks |
| Title: | Oracle: Security Advisory (ELSA-2012-0151) |
| Summary: | The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2012-0151 advisory. |
| Description: | Summary: The remote host is missing an update for the 'conga' package(s) announced via the ELSA-2012-0151 advisory. Vulnerability Insight: [0.12.2-51.0.1.el5] - Added conga-enterprise.patch - Added conga-enterprise-Carthage.patch to support OEL5 - Replaced redhat logo image in conga-0.12.2.tar.gz [0.12.2-51] - Fix bz711494 (CVE-2011-1948 plone: reflected XSS vulnerability) - Fix bz771920 (CVE-2011-4924 Zope: Incomplete upstream patch for CVE-2010-1104/bz577019) [0.12.2-45] - Fix bz751359 (Add luci support for fence_ipmilan's -L option) [0.12.2-44] - Fix bz577019 (CVE-2010-1104 zope: XSS on error page) [0.12.2-42] - Fix bz755935 (luci_admin man page is misleading) - Fix bz755941 (luci_admin restore is not consistent) [0.12.2-40] - Fix excluding busy nodes not working properly in luci internals. [0.12.2-38] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-37] - Additional fix for bz734562 (Improve Luci's resource name validation) [0.12.2-36] - Bump version of the luci database. [0.12.2-35] - Fix bz739600 (conga allows erroneous characters in resource) - Fix bz734562 (Improve Luci's resource name validation) [0.12.2-34] - Fix bz709478 (Ricci fails to detect if host if virtual machine capable) - Fix bz723000 (Modifying an existing shared resource will not update the reference in the cluster.conf) - Fix bz723188 (Luci does not allow to modify __max_restarts and __restart_expire_time for independent subtrees, only for non-critical resources) [0.12.2-33] - Fix bz732483 (Create new cluster fails with luci when installing packages.) Affected Software/OS: 'conga' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-1104 BugTraq ID: 37765 http://www.securityfocus.com/bid/37765 https://mail.zope.org/pipermail/zope-announce/2010-January/002229.html http://www.osvdb.org/61655 http://secunia.com/advisories/38007 http://www.vupen.com/english/advisories/2010/0104 XForce ISS Database: zope-standarderrormessage-xss(55599) https://exchange.xforce.ibmcloud.com/vulnerabilities/55599 Common Vulnerability Exposure (CVE) ID: CVE-2011-1948 20110526 [CVE-REQUEST] Plone XSS and permission errors http://www.securityfocus.com/archive/1/518155/100/0/threaded 44775 http://secunia.com/advisories/44775 44776 http://secunia.com/advisories/44776 48005 http://www.securityfocus.com/bid/48005 72727 http://osvdb.org/72727 8269 http://securityreason.com/securityalert/8269 http://plone.org/products/plone/security/advisories/CVE-2011-1948 plone-unspec-xss(67693) https://exchange.xforce.ibmcloud.com/vulnerabilities/67693 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |