oval:org.mitre.oval:def:7434

Definition Id: oval:org.mitre.oval:def:7434

Oval ID:	oval:org.mitre.oval:def:7434
Title:	DSA-1459 gforge -- insufficient input validation
Description:	It was discovered that Gforge, a collaborative development tool, did not properly sanitise some CGI parameters, allowing SQL injection in scripts related to RSS exports. For the old stable distribution (sarge), this problem has been fixed in version 3.1-31sarge5. For the stable distribution (etch), this problem has been fixed in version 4.5.14-22etch4. For the unstable distribution (sid), this problem has been fixed in version 4.6.99+svn6330-1. We recommend that you upgrade your gforge packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1459 CVE-2008-0173	Version:	3
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 3.1	Product(s):	gforge
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND Installed architecture is all AND Packages section gforge-ldap-openldap is earlier than 4.5.14-22etch4 AND gforge-mta-courier is earlier than 4.5.14-22etch4 AND gforge-mta-exim is earlier than 4.5.14-22etch4 AND gforge is earlier than 4.5.14-22etch4 AND gforge-mta-exim4 is earlier than 4.5.14-22etch4 AND gforge-common is earlier than 4.5.14-22etch4 AND gforge-mta-postfix is earlier than 4.5.14-22etch4 AND gforge-shell-postgresql is earlier than 4.5.14-22etch4 AND gforge-shell-ldap is earlier than 4.5.14-22etch4 AND gforge-lists-mailman is earlier than 4.5.14-22etch4 AND gforge-web-apache is earlier than 4.5.14-22etch4 AND gforge-db-postgresql is earlier than 4.5.14-22etch4 AND gforge-ftp-proftpd is earlier than 4.5.14-22etch4 AND gforge-dns-bind9 is earlier than 4.5.14-22etch4 OR Release section Debian GNU/Linux 3.1 is installed AND Installed architecture is all AND Packages section gforge-ldap-openldap is earlier than 3.1-31sarge5 AND sourceforge is earlier than 3.1-31sarge5 AND gforge-sourceforge-transition is earlier than 3.1-31sarge5 AND gforge-mta-exim is earlier than 3.1-31sarge5 AND gforge is earlier than 3.1-31sarge5 AND gforge-common is earlier than 3.1-31sarge5 AND gforge-mta-postfix is earlier than 3.1-31sarge5 AND gforge-mta-exim4 is earlier than 3.1-31sarge5 AND gforge-shell-ldap is earlier than 3.1-31sarge5 AND gforge-lists-mailman is earlier than 3.1-31sarge5 AND gforge-web-apache is earlier than 3.1-31sarge5 AND gforge-db-postgresql is earlier than 3.1-31sarge5 AND gforge-cvs is earlier than 3.1-31sarge5 AND gforge-ftp-proftpd is earlier than 3.1-31sarge5 AND gforge-dns-bind9 is earlier than 3.1-31sarge5

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7434

Definition Id: oval:org.mitre.oval:def:7692

Oval ID:	oval:org.mitre.oval:def:7692
Title:	Debian GNU/Linux 3.1 is installed
Description:	Debian GNU/Linux 3.1 (sarge) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:3.1	Version:	7
Platform(s):	Debian GNU/Linux 3.1	Product(s):
Definition Synopsis:
Debian GNU/Linux 3.1 is installed
Referenced By:
oval:org.mitre.oval:def:7434

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0314s

Facebook rss twitter linkedin mail