|Title:||Owl Multiple Vulnerabilities|
The remote host is using owl intranet engine, an open-source file sharing
utility written in php.
The remote version of this software is vulnerable to various flaws which
may allow an attacker to execute arbitrary SQL statements against the
remote database or to perform a cross site scripting attack against third
party users by using the remote server.
Solution : Upgrade to Owl 0.74.0 or newer
Risk factor : Medium
BugTraq ID: 12114|
Common Vulnerability Exposure (CVE) ID: CVE-2005-0265
Bugtraq: 20050101 Various Vulnerabilities in OWL Intranet Engine (Google Search)
XForce ISS Database: owl-intranet-engine-sql-injection(18704)
Common Vulnerability Exposure (CVE) ID: CVE-2005-0264
XForce ISS Database: owl-intranet-engine-xss(18705)
|Copyright||This script is Copyright (C) 2004 Tenable Network Security|
|This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.