ID de Prueba:	1.3.6.1.4.1.25623.1.0.803998
Categoría:	Web application abuses
Título:	TYPO3 Multiple Vulnerabilities Mar12
Resumen:	This host is installed with TYPO3 and is prone to multiple vulnerabilities.
Descripción:	Summary: This host is installed with TYPO3 and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple errors exist in the application: - An error exists in Backend, which fails to validate user supplied input properly. - An error exists in Command Line Interface script, which on directly accessed with a browser may disclose the database name - An error exists in HTML Sanitizing API, which fails to validate user supplied input properly. Vulnerability Impact: Successful exploitation will allow remote attackers to steal the victim's cookie-based authentication credentials or get sensitive information. Affected Software/OS: TYPO3 version 4.4.0 to 4.4.13, 4.5.0 to 4.5.13 and 4.6.0 to 4.6.6 Solution: Upgrade to TYPO3 version 4.4.14, 4.5.14 4.6.7 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	BugTraq ID: 52771 Common Vulnerability Exposure (CVE) ID: CVE-2012-1606 http://www.securityfocus.com/bid/52771 Debian Security Information: DSA-2445 (Google Search) http://www.debian.org/security/2012/dsa-2445 http://www.openwall.com/lists/oss-security/2012/03/30/4 http://osvdb.org/80760 http://secunia.com/advisories/48622 http://secunia.com/advisories/48647 Common Vulnerability Exposure (CVE) ID: CVE-2012-1607 http://osvdb.org/80761 Common Vulnerability Exposure (CVE) ID: CVE-2012-1608 http://www.osvdb.org/80762
Copyright	Copyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.