Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200501-08] phpGroupWare: Various vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
phpGroupWare: Various vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200501-08
(phpGroupWare: Various vulnerabilities)
Several flaws were discovered in phpGroupWare making it vulnerable to
cross-site scripting attacks, SQL injection, and full path disclosure.
These vulnerabilities could allow a possible hacker to perform cross-site
scripting attacks, execute SQL queries, and disclose the full path of
the web directory.
There is no known workaround at this time.
All phpGroupWare users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/phpgroupware-0.9.16.004"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.