ID de Prueba:	1.3.6.1.4.1.25623.1.0.103904
Categoría:	Web application abuses
Título:	Koha Multiple Vulnerabilities (Feb 2014) - Active Check
Resumen:	Koha is prone to multiple vulnerabilities.
Descripción:	Summary: Koha is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - Bug 11660: tools/pdfViewer.pl could be used to read arbitrary files on the server - Bug 11661: the staff interface help editor could be used to modify or create arbitrary files on the server with the privileges of the Apache user - Bug 11662: member-picupload.pl could be used to write to arbitrary files on the server with the privileges of the Apache user - Bug 11666: the MARC framework import/export function did not require authentication, and could be used to perform unexpected SQL commands Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1922 http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11660 http://koha-community.org/security-release-february-2014/ http://www.openwall.com/lists/oss-security/2014/02/07/10 http://www.openwall.com/lists/oss-security/2014/02/10/3 Common Vulnerability Exposure (CVE) ID: CVE-2014-1923 http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11661 http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11662 Common Vulnerability Exposure (CVE) ID: CVE-2014-1924 http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11666 Common Vulnerability Exposure (CVE) ID: CVE-2014-1925
Copyright	Copyright (C) 2014 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.