Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.801881 |
Kategorie: | Web application abuses |
Titel: | HP SiteScope Cross Site Scripting and HTML Injection Vulnerabilities |
Zusammenfassung: | This host is running HP SiteScope and is prone to cross site scripting; and HTML injection vulnerabilities. |
Beschreibung: | Summary: This host is running HP SiteScope and is prone to cross site scripting and HTML injection vulnerabilities. Vulnerability Insight: The flaws are caused by input validation errors when processing user-supplied data, which could allow cross site scripting or HTML injection attacks. Vulnerability Impact: Successful exploitation will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. Affected Software/OS: HP SiteScope versions 9.54, 10.13, 11.01, and 11.1 Solution: Upgrade to HP SiteScope version 11.1 and apply the SS1110110412 hotfix. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Querverweis: |
BugTraq ID: 47554 Common Vulnerability Exposure (CVE) ID: CVE-2011-1726 http://www.securityfocus.com/bid/47554 HPdes Security Advisory: HPSBMA02667 http://marc.info/?l=bugtraq&m=130374351406700&w=2 HPdes Security Advisory: SSRT100464 http://osvdb.org/72060 http://www.securitytracker.com/id?1025436 http://secunia.com/advisories/44322 http://secunia.com/advisories/44354 http://securityreason.com/securityalert/8235 http://www.vupen.com/english/advisories/2011/1091 XForce ISS Database: sitescope-unspec-xss(67018) https://exchange.xforce.ibmcloud.com/vulnerabilities/67018 Common Vulnerability Exposure (CVE) ID: CVE-2011-1727 http://osvdb.org/72061 XForce ISS Database: hp-sitescope-unspec-xss(67020) https://exchange.xforce.ibmcloud.com/vulnerabilities/67020 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |