Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA980] DSA-980-1 tutos Vulnerability Scan

Vulnerability Scan Summary
DSA-980-1 tutos

Detailed Explanation for this Vulnerability Test

Joxean Koret discovered several security problems in tutos, a web-based
team organization software. The Common Vulnerabilities and Exposures Project
identifies the following problems:
An SQL injection vulnerability allows the execution of SQL commands
through the link_id parameter in file_overview.php.
Cross-Site-Scripting vulnerabilities in the search function of the
address book and in app_new.php allow the execution of web script
The old stable distribution (woody) does not contain tutos packages.
For the stable distribution (sarge) these problems have been fixed in
version 1.1.20031017-2+1sarge1.
The unstable distribution (sid) does no longer contain tutos packages.
We recommend that you upgrade your tutos package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.