Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.14823 |
Kategorie: | Web application abuses |
Titel: | ViewCVS XSS |
Zusammenfassung: | The remote host seems to be running ViewCVS, an open source CGI written in; python designed to access CVS directories using a web interface.;; The remote version of this software is vulnerable to many cross-site scripting; flaws though the script 'viewcvs'.;; Using a specially crafted URL, an attacker can cause arbitrary code execution; for third party users, thus resulting in a loss of integrity of their system. |
Beschreibung: | Summary: The remote host seems to be running ViewCVS, an open source CGI written in python designed to access CVS directories using a web interface. The remote version of this software is vulnerable to many cross-site scripting flaws though the script 'viewcvs'. Using a specially crafted URL, an attacker can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system. Solution: Update to the latest version of this software CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N |
Querverweis: |
BugTraq ID: 4818 Common Vulnerability Exposure (CVE) ID: CVE-2002-0771 http://www.securityfocus.com/bid/4818 Bugtraq: 20020518 cross-site scripting bug of ViewCVS (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html http://www.iss.net/security_center/static/9112.php |
Copyright | Copyright (C) 2004 David Maciejak |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |