CGI abuses : BLOG:CMS Origin Spoofing Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56987

Categoría: CGI abuses

Título: BLOG:CMS Origin Spoofing Vulnerability

Resumen: NOSUMMARY

Descripción: Description:

The remote version of Blog:CMS, according to its version
number, trusts the content of X_FORWARDED_FOR in HTTP
headers. Attackers can set this field and thus hide their
origins providing requests.

Versions prior to 4.0.0e are known to be vulnerable.

Solution : Upgrade to 4.0.0e or later.

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 15326
Common Vulnerability Exposure (CVE) ID: CVE-2005-4687
http://www.securityfocus.com/bid/15326
http://secunia.com/advisories/17425
http://secunia.com/advisories/17433

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56987
Categoría:	CGI abuses
Título:	BLOG:CMS Origin Spoofing Vulnerability
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of Blog:CMS, according to its version number, trusts the content of X_FORWARDED_FOR in HTTP headers. Attackers can set this field and thus hide their origins providing requests. Versions prior to 4.0.0e are known to be vulnerable. Solution : Upgrade to 4.0.0e or later. Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 15326 Common Vulnerability Exposure (CVE) ID: CVE-2005-4687 http://www.securityfocus.com/bid/15326 http://secunia.com/advisories/17425 http://secunia.com/advisories/17433
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com