|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu USN-1026-1 (paste)|
|Summary:||Ubuntu USN-1026-1 (paste)|
|Description:||The remote host is missing an update to paste|
announced via advisory USN-1026-1.
It was discovered that Python Paste did not properly sanitize certain
strings, resulting in cross-site scripting (XSS) vulnerabilities. With
cross-site scripting vulnerabilities, if a user were tricked into viewing
server output during a crafted server request, a remote attacker could
exploit this to modify the contents, or steal confidential data, within
the same domain.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 10.04 LTS:
In general, a standard system update will make all the necessary changes.
Risk factor : Medium
Common Vulnerability Exposure (CVE) ID: CVE-2010-2477|
BugTraq ID: 41160
|Copyright||Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40037 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.