Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.16058 |
Kategorie: | Web application abuses |
Titel: | YaCy Peer-To-Peer Search Engine XSS |
Zusammenfassung: | The remote host contains a peer-to-peer search engine that is prone to;cross-site scripting attacks.;;Description :;;The remote host runs YaCy, a peer-to-peer distributed web search;engine and caching web proxy.;;The remote version of this software is vulnerable to multiple;cross-site scripting due to a lack of sanitization of user-supplied;data.;;Successful exploitation of this issue may allow an attacker to use the;remote server to perform an attack against a third-party user. |
Beschreibung: | Summary: The remote host contains a peer-to-peer search engine that is prone to cross-site scripting attacks. Description : The remote host runs YaCy, a peer-to-peer distributed web search engine and caching web proxy. The remote version of this software is vulnerable to multiple cross-site scripting due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to use the remote server to perform an attack against a third-party user. Solution: Upgrade to YaCy 0.32 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Querverweis: |
BugTraq ID: 12104 Common Vulnerability Exposure (CVE) ID: CVE-2004-2651 http://www.securityfocus.com/bid/12104 Bugtraq: 20041224 XSS in yacy 0.31 (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-12/0413.html http://www.osvdb.org/12629 http://www.osvdb.org/12630 http://securitytracker.com/id?1012686 XForce ISS Database: yacy-index-xss(18688) https://exchange.xforce.ibmcloud.com/vulnerabilities/18688 XForce ISS Database: yacy-wiki-xss(18690) https://exchange.xforce.ibmcloud.com/vulnerabilities/18690 |
Copyright | Copyright (C) 2004 David Maciejak |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |