oval:org.mitre.oval:def:12579
Definition Id: oval:org.mitre.oval:def:12579 | |||
Oval ID: | oval:org.mitre.oval:def:12579 | ||
Title: | DSA-2179-1 dtc -- SQL injection | ||
Description: | Ansgar Burchardt discovered several vulnerabilities in DTC, a web control panel for admin and accounting hosting services. CVE-2011-0434 The bw_per_moth.php graph contains an SQL injection vulnerability. CVE-2011-0435 Insufficient checks in bw_per_month.php can lead to bandwidth usage information disclosure. CVE-2011-0436 After a registration, passwords are sent in cleartext email messages. CVE-2011-0437 Authenticated users could delete accounts using an obsolete interface which was incorrectly included in the package. This update introduces a new configuration option which controls the presence of cleartext passwords in email messages. The default is not to include cleartext passwords | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2179-1 CVE-2011-0434 CVE-2011-0435 CVE-2011-0436 CVE-2011-0437 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | dtc |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6513 | |||
Oval ID: | oval:org.mitre.oval:def:6513 | ||
Title: | Debian GNU/Linux 5.0 is installed | ||
Description: | Debian GNU/Linux 5.0 (lenny) is installed | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:debian:debian_gnu/linux:5.0 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:12579 |