ID de Prueba:	1.3.6.1.4.1.25623.1.0.14823
Categoría:	Web application abuses
Título:	ViewCVS XSS
Resumen:	The remote host seems to be running ViewCVS, an open source CGI written in; python designed to access CVS directories using a web interface.;; The remote version of this software is vulnerable to many cross-site scripting; flaws though the script 'viewcvs'.;; Using a specially crafted URL, an attacker can cause arbitrary code execution; for third party users, thus resulting in a loss of integrity of their system.
Descripción:	Summary: The remote host seems to be running ViewCVS, an open source CGI written in python designed to access CVS directories using a web interface. The remote version of this software is vulnerable to many cross-site scripting flaws though the script 'viewcvs'. Using a specially crafted URL, an attacker can cause arbitrary code execution for third party users, thus resulting in a loss of integrity of their system. Solution: Update to the latest version of this software CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-0771 BugTraq ID: 4818 http://www.securityfocus.com/bid/4818 Bugtraq: 20020518 cross-site scripting bug of ViewCVS (Google Search) http://archives.neohapsis.com/archives/bugtraq/2002-05/0161.html http://www.iss.net/security_center/static/9112.php
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.