ID de Prueba:	1.3.6.1.4.1.25623.1.0.891342
Categoría:	Debian Local Security Checks
Título:	Debian LTS: Security Advisory for ldap-account-manager (DLA-1342-1)
Resumen:	Michal Kedzior found two vulnerabilities in LDAP Account Manager, a web;front-end for LDAP directories.;;CVE-2018-8763;;The found Reflected Cross Site Scripting (XSS) vulnerability might;allow an attacker to execute JavaScript code in the browser of the;victim or to redirect her to a malicious website if the victim clicks;on a specially crafted link.
Descripción:	Summary: Michal Kedzior found two vulnerabilities in LDAP Account Manager, a web front-end for LDAP directories. CVE-2018-8763 The found Reflected Cross Site Scripting (XSS) vulnerability might allow an attacker to execute JavaScript code in the browser of the victim or to redirect her to a malicious website if the victim clicks on a specially crafted link. Affected Software/OS: ldap-account-manager on Debian Linux Solution: For Debian 7 'Wheezy', these problems have been fixed in version 3.7-2+deb7u1. We recommend that you upgrade your ldap-account-manager packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-8763 Debian Security Information: DSA-4165 (Google Search) https://www.debian.org/security/2018/dsa-4165 http://seclists.org/fulldisclosure/2018/Mar/45 http://packetstormsecurity.com/files/146858/LDAP-Account-Manager-6.2-Cross-Site-Scripting.html https://lists.debian.org/debian-lts-announce/2018/04/msg00007.html
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.