|
Family: Debian Local Security Checks --> Category: infos
[DSA1066] DSA-1066-1 phpbb2 Vulnerability Scan
Vulnerability Scan Summary DSA-1066-1 phpbb2
Detailed Explanation for this Vulnerability Test
It was discovered that phpbb2, a web based bulletin board, does
insufficiently sanitise values passed to the "Font Colour 3" setting,
which might lead to the execution of injected code by admin users.
The old stable distribution (woody) does not contain phpbb2 packages.
For the stable distribution (sarge) this problem has been fixed in
version 2.0.13+1-6sarge3.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your phpbb2 package.
Solution : http://www.debian.org/security/2006/dsa-1066
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|