|Category:||Debian Local Security Checks|
|Title:||Debian LTS Advisory ([SECURITY] [DLA 1561-1] phpldapadmin security update)|
|Summary:||It was discovered that there was a cross-site scripting (XSS) vulnerability in;phpldapadmin, a web-based interface for administering LDAP servers.|
It was discovered that there was a cross-site scripting (XSS) vulnerability in
phpldapadmin, a web-based interface for administering LDAP servers.
phpLDAPadmin is a web-based LDAP client. It provides easy,
anywhere-accessible, multi-language administration for your LDAP
server. Its hierarchical tree-viewer and advanced search functionality
make it intuitive to browse and administer your LDAP directory. Since it
is a web application, this LDAP browser works on many platforms, making
your LDAP server easily manageable from any location.
Usually, you may access PLA by pointing your browser to
phpldapadmin on Debian Linux
For Debian 8 'Jessie', this problem has been fixed in version
Note: the package changelog mistakenly refers to the non-existent
CVE-2016-11107 identifier. The proper identifier to refer to this issue
We recommend that you upgrade your phpldapadmin packages.
Common Vulnerability Exposure (CVE) ID: CVE-2016-11107|
Common Vulnerability Exposure (CVE) ID: CVE-2017-11107
|Copyright||Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.