|
|
Family: Debian Local Security Checks --> Category: infos
[DSA842] DSA-842-1 egroupware Vulnerability Scan
Vulnerability Scan Summary
DSA-842-1 egroupware
Detailed Explanation for this Vulnerability Test
Stefan Esser discovered a vulnerability in the XML-RPC libraries which
are also present in egroupware, a web-based groupware suite, that
allows injection of arbitrary PHP code into eval() statements.
The old stable distribution (woody) does not contain egroupware packages.
For the stable distribution (sarge) this problem has been fixed in
version 1.0.0.007-2.dfsg-2sarge2.
For the unstable distribution (sid) this problem has been fixed in
version 1.0.0.009.dfsg-1.
We recommend that you upgrade your egroupware packages.
Solution : http://www.debian.org/security/2005/dsa-842
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
