|
Test ID: | 1.3.6.1.4.1.25623.1.0.56266 |
Category: | FreeBSD Local Security Checks |
Title: | FreeBSD Ports: mantis |
Summary: | FreeBSD Ports: mantis |
Description: | Description: The remote host is missing an update to the system as announced in the referenced advisory. The following package is affected: mantis CVE-2005-4238 Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter. Solution: Update your system with the appropriate patches or software upgrades. http://pridels.blogspot.com/2005/12/mantis-bugtracking-system-xss-vuln.html http://www.vuxml.org/freebsd/592815da-9eed-11da-b410-000e0c2e438a.html CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Cross-Ref: |
BugTraq ID: 15842 Common Vulnerability Exposure (CVE) ID: CVE-2005-4238 http://pridels0.blogspot.com/2005/12/mantis-bugtracking-system-xss-vuln.html Debian Security Information: DSA-944 (Google Search) http://www.debian.org/security/2005/dsa-944 http://www.securityfocus.com/bid/15842 http://www.vupen.com/english/advisories/2005/2874 http://secunia.com/advisories/18018 http://secunia.com/advisories/18481 |
Copyright | Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com |
This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|