oval:org.mitre.oval:def:13586

Definition Id: oval:org.mitre.oval:def:13586

Oval ID:	oval:org.mitre.oval:def:13586
Title:	DSA-1937-1 gforge -- insufficient input sanitising
Description:	It was discovered that gforge, collaborative development tool, is prone to a cross-site scripting attack via the helpname parameter. Beside fixing this issue, the update also introduces some additional input sanitising. However, there are no known attack vectors. For the stable distribution, these problem have been fixed in version 4.7~rc2-7lenny2. The oldstable distribution, these problems have been fixed in version 4.5.14-22etch12. For the testing distribution and the unstable distribution, these problems have been fixed in version 4.8.1-3. We recommend that you upgrade your gforge packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1937-1 CVE-2009-3303	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 4.0	Product(s):	gforge
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND Packages section gforge-mta-exim4 DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-mta-courier DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-plugin-scmcvs DPKG is earlier than 4.7~rc2-7lenny2 AND gforge DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-common DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-plugin-scmsvn DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-web-apache2 DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-mta-postfix DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-shell-postgresql DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-lists-mailman DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-web-apache DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-db-postgresql DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-ftp-proftpd DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-plugin-mediawiki DPKG is earlier than 4.7~rc2-7lenny2 AND gforge-dns-bind9 DPKG is earlier than 4.7~rc2-7lenny2 OR Release section Debian GNU/Linux 4.0 is installed. AND Installed architecture is all AND Packages section gforge-ldap-openldap DPKG is earlier than 4.5.14-22etch12 AND gforge-mta-exim4 DPKG is earlier than 4.5.14-22etch12 AND gforge-mta-courier DPKG is earlier than 4.5.14-22etch12 AND gforge-db-postgresql DPKG is earlier than 4.5.14-22etch12 AND gforge DPKG is earlier than 4.5.14-22etch12 AND gforge-common DPKG is earlier than 4.5.14-22etch12 AND gforge-mta-postfix DPKG is earlier than 4.5.14-22etch12 AND gforge-shell-postgresql DPKG is earlier than 4.5.14-22etch12 AND gforge-shell-ldap DPKG is earlier than 4.5.14-22etch12 AND gforge-lists-mailman DPKG is earlier than 4.5.14-22etch12 AND gforge-web-apache DPKG is earlier than 4.5.14-22etch12 AND gforge-mta-exim DPKG is earlier than 4.5.14-22etch12 AND gforge-ftp-proftpd DPKG is earlier than 4.5.14-22etch12 AND gforge-dns-bind9 DPKG is earlier than 4.5.14-22etch12

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:13586

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:13586

Copyright Security-Database 2006-2025 - Powered by themself ;) in 0.0296s

Facebook rss twitter linkedin mail