Databases : Apache CouchDB Web Administration Interface 0.8.x <= 1.0.1 XSS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.103053

Categoría: Databases

Título: Apache CouchDB Web Administration Interface 0.8.x <= 1.0.1 XSS Vulnerability

Resumen: Apache CouchDB is prone to a cross-site scripting (XSS); vulnerability.

Descripción: Summary:
Apache CouchDB is prone to a cross-site scripting (XSS)
vulnerability.

Vulnerability Impact:
An attacker may leverage this issue to execute arbitrary script
code in the browser of an unsuspecting user in the context of the affected site. This may let the
attacker steal cookie-based authentication credentials and launch other attacks.

Affected Software/OS:
Apache CouchDB version 0.8.0 through 1.0.1.

Solution:
Update to version 1.0.2 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-3854
1025013
http://www.securitytracker.com/id?1025013
20110128 CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue
http://www.securityfocus.com/archive/1/516058/100/0/threaded
43111
http://secunia.com/advisories/43111
46066
http://www.securityfocus.com/bid/46066
70734
http://osvdb.org/70734
ADV-2011-0263
http://www.vupen.com/english/advisories/2011/0263
[couchdb-dev] 20110128 CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue
http://mail-archives.apache.org/mod_mbox/couchdb-dev/201101.mbox/%3CC840F655-C8C5-4EC6-8AA8-DD223E39C34A%40apache.org%3E
couchdb-adminui-xss(65050)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65050

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.103053
Categoría:	Databases
Título:	Apache CouchDB Web Administration Interface 0.8.x <= 1.0.1 XSS Vulnerability
Resumen:	Apache CouchDB is prone to a cross-site scripting (XSS); vulnerability.
Descripción:	Summary: Apache CouchDB is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. Affected Software/OS: Apache CouchDB version 0.8.0 through 1.0.1. Solution: Update to version 1.0.2 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3854 1025013 http://www.securitytracker.com/id?1025013 20110128 CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue http://www.securityfocus.com/archive/1/516058/100/0/threaded 43111 http://secunia.com/advisories/43111 46066 http://www.securityfocus.com/bid/46066 70734 http://osvdb.org/70734 ADV-2011-0263 http://www.vupen.com/english/advisories/2011/0263 [couchdb-dev] 20110128 CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue http://mail-archives.apache.org/mod_mbox/couchdb-dev/201101.mbox/%3CC840F655-C8C5-4EC6-8AA8-DD223E39C34A%40apache.org%3E couchdb-adminui-xss(65050) https://exchange.xforce.ibmcloud.com/vulnerabilities/65050
Copyright	Copyright (C) 2011 Greenbone AG