Family: Debian Local Security Checks --> Category: infos
[DSA1096] DSA-1096-1 webcalendar Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
A vulnerability has been discovered in webcalendar, a PHP-based
multi-user calendar, that allows a remote attacker to execute
arbitrary PHP code when register_globals is turned on.
The old stable distribution (woody) does not contain a webcalendar package.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your webcalendar package.
Solution : http://www.debian.org/security/2006/dsa-1096
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.