Test ID:	1.3.6.1.4.1.25623.1.0.67033
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2009-1)
Summary:	The remote host is missing an update for the Debian 'tdiary' package(s) announced via the DSA-2009-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'tdiary' package(s) announced via the DSA-2009-1 advisory. Vulnerability Insight: It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insufficient input sanitising in the TrackBack transmission plugin. For the stable distribution (lenny), this problem has been fixed in version 2.2.1-1+lenny1. For the testing distribution (squeeze), this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 2.2.1-1.1. We recommend that you upgrade your tdiary packages. Affected Software/OS: 'tdiary' package(s) on Debian 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0726 BugTraq ID: 38413 http://www.securityfocus.com/bid/38413 http://jvn.jp/en/jp/JVN73331060/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2010-000005 http://tdiary.svn.sourceforge.net/viewvc/tdiary/branches/Stable-2_2/plugin/tb-send.rb?r1=3238&r2=3573 http://osvdb.org/62562 http://secunia.com/advisories/38742
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.