Test Kennung:	1.3.6.1.4.1.25623.1.0.57065
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: mambo
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following package is affected: mambo CVE-2006-3262 SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. CVE-2006-3263 SQL injection vulnerability in the Weblinks module (weblinks.php) in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter. Solution: Update your system with the appropriate patches or software upgrades. http://secunia.com/advisories/20745/ http://www.mamboserver.com/?option=com_content&task=view&id=207 http://marc.theaimsgroup.com/?l=bugtraq&m=115056811230529 http://www.vuxml.org/freebsd/f70d09cb-0c46-11db-aac7-000c6ec775d9.html CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-3262 BugTraq ID: 18492 http://www.securityfocus.com/bid/18492 Bugtraq: 20060617 Mambo <= 4.6rc1 sql injection (Google Search) http://www.securityfocus.com/archive/1/437496/100/100/threaded http://retrogod.altervista.org/mambo_46rc1_sql.html http://www.osvdb.org/26624 http://securitytracker.com/id?1016334 http://secunia.com/advisories/20745 http://securityreason.com/securityalert/1158 http://www.vupen.com/english/advisories/2006/2416 Common Vulnerability Exposure (CVE) ID: CVE-2006-3263
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.