Test Kennung:	1.3.6.1.4.1.25623.1.0.56760
Kategorie:	CGI abuses
Titel:	WebCalendar Export_Handler.PHP File Corruption Vulnerability
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host has a version of WebCalendar installed allows attackers to overwrite data files as a result of an improperly sanitized 'id' parameter to the 'Export_Handler.PHP' script. Version 1.0.1 is known to be vulnerable. Solution : Upgrade to a later version. Risk factor : Medium CVSS Score: 5.0
Querverweis:	BugTraq ID: 15608 Common Vulnerability Exposure (CVE) ID: CVE-2005-3961 http://www.securityfocus.com/bid/15608 Bugtraq: 20051128 WebCalendar Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/417900/100/0/threaded Debian Security Information: DSA-1002 (Google Search) http://www.debian.org/security/2006/dsa-1002 http://www.ush.it/2005/11/28/webcalendar-multiple-vulnerabilities http://www.osvdb.org/21220 http://secunia.com/advisories/17784 http://secunia.com/advisories/19240 http://securityreason.com/securityalert/215 http://www.vupen.com/english/advisories/2005/2643 XForce ISS Database: webcalendar-exporthandler-file-overwrite(23370) https://exchange.xforce.ibmcloud.com/vulnerabilities/23370
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.