Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:084: perl-CGI Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the perl-CGI package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:084 (perl-CGI).
Eye on Security found a cross-site scripting vulnerability in the start_form()
function in CGI.pm. This vulnerability allows a remote attacker to place a web
script in a URL which feeds into a form's action parameter and allows execution
by the browser as if it was coming from the site.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:084
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.