oval:org.mitre.oval:def:8028

Definition Id: oval:org.mitre.oval:def:8028

Oval ID:	oval:org.mitre.oval:def:8028
Title:	DSA-1488 phpbb2 -- several vulnerabilities
Description:	Several remote vulnerabilities have been discovered in phpBB, a web based bulletin board. The Common Vulnerabilities and Exposures project identifies the following problems: Private messaging allowed cross site request forgery, making it possible to delete all private messages of a user by sending them to a crafted web page. Cross site request forgery enabled an attacker to perform various actions on behalf of a logged in user. (Applies to sarge only.) A negative start parameter could allow an attacker to create invalid output. (Applies to sarge only.) Redirection targets were not fully checked, leaving room for unauthorised external redirections via a phpBB forum. (Applies to sarge only.) An authenticated forum administrator may upload files of any type by using specially crafted filenames. (Applies to sarge only.)
Family:	unix	Class:	patch
Reference(s):	DSA-1488 CVE-2006-4758 CVE-2006-6839 CVE-2006-6840 CVE-2006-6508 CVE-2006-6841 CVE-2008-0471	Version:	3
Platform(s):	Debian GNU/Linux 4.0 Debian GNU/Linux 3.1	Product(s):	phpbb2
Definition Synopsis:
Release section Debian GNU/Linux 4.0 is installed. AND Installed architecture is all AND Packages section phpbb2-languages is earlier than 2.0.21-7 AND phpbb2 is earlier than 2.0.21-7 AND phpbb2-conf-mysql is earlier than 2.0.21-7 OR Release section Debian GNU/Linux 3.1 is installed AND Installed architecture is all AND Packages section phpbb2 is earlier than 2.0.13-6sarge4 AND phpbb2-languages is earlier than 2.0.13-6sarge4 AND phpbb2-conf-mysql is earlier than 2.0.13-6sarge4

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8028

Definition Id: oval:org.mitre.oval:def:7692

Oval ID:	oval:org.mitre.oval:def:7692
Title:	Debian GNU/Linux 3.1 is installed
Description:	Debian GNU/Linux 3.1 (sarge) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:3.1	Version:	7
Platform(s):	Debian GNU/Linux 3.1	Product(s):
Definition Synopsis:
Debian GNU/Linux 3.1 is installed
Referenced By:
oval:org.mitre.oval:def:8028

Copyright Security-Database 2006-2025 - Powered by themself ;) in 1.7541s

Facebook rss twitter linkedin mail