|
Family: Debian Local Security Checks --> Category: infos
[DSA989] DSA-989-1 zoph Vulnerability Scan
Vulnerability Scan Summary DSA-989-1 zoph
Detailed Explanation for this Vulnerability Test
Neil McBride discovered that Zoph, a web based photo management system
performs insufficient sanitising for input passed to photo searches, which
may lead to the execution of SQL commands through a SQL injection attack.
The old stable distribution (woody) does not contain zoph packages.
For the stable distribution (sarge) this problem has been fixed in
version 0.3.3-12sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 0.5-1.
We recommend that you upgrade your zoph package.
Solution : http://www.debian.org/security/2006/dsa-989
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|