oval:org.mitre.oval:def:13875

Definition Id: oval:org.mitre.oval:def:13875
 
Oval ID: oval:org.mitre.oval:def:13875
Title: USN-826-1 -- mono vulnerabilities
Description: It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. It was discovered that Mono did not properly escape certain attributes in the ASP.net class libraries which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue only affected Ubuntu 8.04 LTS. It was discovered that Mono did not properly filter CRLF injections in the query string. If a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, steal confidential data, or perform cross-site request forgeries. This issue only affected Ubuntu 8.04 LTS
Family: unix Class: patch
Reference(s): USN-826-1
CVE-2009-0217
CVE-2008-3422
CVE-2008-3906
 Version: 5
Platform(s): Ubuntu 8.10
Ubuntu 8.04
Ubuntu 9.04
 Product(s): mono
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13250
 
Oval ID: oval:org.mitre.oval:def:13250
Title: Ubuntu 8.04 is installed
Description: Ubuntu 8.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:ubuntu:ubuntu_linux:8.04
 Version: 3
Platform(s): Ubuntu 8.04
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13875
Definition Id: oval:org.mitre.oval:def:13306
 
Oval ID: oval:org.mitre.oval:def:13306
Title: Ubuntu 8.10 is installed
Description: Ubuntu 8.10 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:ubuntu:ubuntu_linux:8.10
 Version: 3
Platform(s): Ubuntu 8.10
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13875
Definition Id: oval:org.mitre.oval:def:12669
 
Oval ID: oval:org.mitre.oval:def:12669
Title: Ubuntu 9.04 is installed
Description: Ubuntu 9.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:9.04
 Version: 5
Platform(s): Ubuntu 9.04
 Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13875