Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA420] DSA-420-1 jitterbug Vulnerability Scan

Vulnerability Scan Summary
DSA-420-1 jitterbug

Detailed Explanation for this Vulnerability Test

Steve Kemp discovered a security related problem in jitterbug, a
simple CGI based bug tracking and reporting tool. Unfortunately the
program executions do not properly sanitize input, which allows an
attacker to execute arbitrary commands on the server hosting the bug
database. As mitigating factors these attacks are only available to
non-guest users, and accounts for these people must be setup by the
administrator making them "trusted".
For the stable distribution (woody) this problem has been fixed in
version 1.6.2-4.2woody2.
For the unstable distribution (sid) this problem has been fixed in
version 1.6.2-4.5.
We recommend that you upgrade your jitterbug package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.