ID DEBIAN_DSA-953.NASL Type nessus Reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. Modified 2019-11-02T00:00:00
Description
Several cross-site scripting vulnerabilities have been discovered in
flyspray, a lightweight bug tracking system, which allows attackers to
insert arbitrary script code into the index page.
#%NASL_MIN_LEVEL 80502
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-953. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include("compat.inc");
if (description)
{
script_id(22819);
script_version("1.15");
script_cvs_date("Date: 2019/08/02 13:32:20");
script_cve_id("CVE-2005-3334");
script_xref(name:"DSA", value:"953");
script_name(english:"Debian DSA-953-1 : flyspray - missing input sanitising");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several cross-site scripting vulnerabilities have been discovered in
flyspray, a lightweight bug tracking system, which allows attackers to
insert arbitrary script code into the index page."
);
script_set_attribute(
attribute:"see_also",
value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2006/dsa-953"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the flyspray package.
The old stable distribution (woody) does not contain flyspray.
For the stable distribution (sarge) this problem has been fixed in
version 0.9.7-2.1."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:flyspray");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
script_set_attribute(attribute:"patch_publication_date", value:"2006/01/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/26");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.1", prefix:"flyspray", reference:"0.9.7-2.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "DEBIAN_DSA-953.NASL", "bulletinFamily": "scanner", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "description": "Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.", "published": "2006-10-14T00:00:00", "modified": "2019-11-02T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://www.tenable.com/plugins/nessus/22819", "reporter": "This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "cvelist": ["CVE-2005-3334"], "type": "nessus", "lastseen": "2019-11-01T02:25:55", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "cvelist": ["CVE-2005-3334"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Several cross-site scripting vulnerabilities have been discovered in flyspray, a lightweight bug tracking system, which allows attackers to insert arbitrary script code into the index page.", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-02-21T01:09:32", "references": [{"idList": ["FREEBSD_PKG_F4B9543051D811DA8E930010DC4AFB40.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:11165"], "type": "securityvulns"}, {"idList": ["OPENVAS:56208", "OPENVAS:55841"], "type": "openvas"}, {"idList": ["DEBIAN:DSA-953-1:E8019"], "type": "debian"}, {"idList": ["OSVDB:20326"], "type": "osvdb"}, {"idList": ["EDB-ID:26400"], "type": "exploitdb"}, {"idList": ["CVE-2005-3334"], "type": "cve"}]}, "score": {"modified": "2019-02-21T01:09:32", "value": 5.0, "vector": "NONE"}}, "hash": "54beedadcec72536ba4582511ab432899ee15c86e7dc6487ad3b2a17c6430ce7", "hashmap": [{"hash": "9de3954783b966fb3e31185a433eab2d", "key": "href"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "119ba2f108425981240d240f4c412418", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "411730d8b829786dbf2f7ddcb08d9bf5", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fe858961131851490e536e16b63cfa78", "key": "cvelist"}, {"hash": "8538239b425600b7f049c11c2999215b", "key": "title"}, {"hash": "0f27381968e496fc100cedf9aad78139", "key": "references"}, {"hash": "1286551799ad04d1dc5148f1c2f1dfd9", "key": "cpe"}, {"hash": "2afdb805c17991d2cdeb3b51b1d77857", "key": "pluginID"}, {"hash": "86d6f93d80759314a0bc35386ef0213d", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=22819", "id": "DEBIAN_DSA-953.NASL", "lastseen": "2019-02-21T01:09:32", "modified": "2018-08-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "22819", "published": "2006-10-14T00:00:00", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "type": "nessus", "viewCount": 2}, "differentElements": ["cvss", "description", "reporter", "modified", "sourceData", "href"], "edition": 8, "lastseen": "2019-02-21T01:09:32"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "cvelist": ["CVE-2005-3334"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Several cross-site scripting vulnerabilities have been discovered in flyspray, a lightweight bug tracking system, which allows attackers to insert arbitrary script code into the index page.", "edition": 6, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "54beedadcec72536ba4582511ab432899ee15c86e7dc6487ad3b2a17c6430ce7", "hashmap": [{"hash": "9de3954783b966fb3e31185a433eab2d", "key": "href"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "119ba2f108425981240d240f4c412418", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "411730d8b829786dbf2f7ddcb08d9bf5", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fe858961131851490e536e16b63cfa78", "key": "cvelist"}, {"hash": "8538239b425600b7f049c11c2999215b", "key": "title"}, {"hash": "0f27381968e496fc100cedf9aad78139", "key": "references"}, {"hash": "1286551799ad04d1dc5148f1c2f1dfd9", "key": "cpe"}, {"hash": "2afdb805c17991d2cdeb3b51b1d77857", "key": "pluginID"}, {"hash": "86d6f93d80759314a0bc35386ef0213d", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=22819", "id": "DEBIAN_DSA-953.NASL", "lastseen": "2018-09-02T00:10:11", "modified": "2018-08-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "22819", "published": "2006-10-14T00:00:00", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2018-09-02T00:10:11"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "cvelist": ["CVE-2005-3334"], "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "description": "Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.", "edition": 9, "enchantments": {"dependencies": {"modified": "2019-10-28T20:10:21", "references": [{"idList": ["FREEBSD_PKG_F4B9543051D811DA8E930010DC4AFB40.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:11165"], "type": "securityvulns"}, {"idList": ["OPENVAS:56208", "OPENVAS:55841"], "type": "openvas"}, {"idList": ["DEBIAN:DSA-953-1:E8019"], "type": "debian"}, {"idList": ["OSVDB:20326"], "type": "osvdb"}, {"idList": ["EDB-ID:26400"], "type": "exploitdb"}, {"idList": ["CVE-2005-3334"], "type": "cve"}]}, "score": {"modified": "2019-10-28T20:10:21", "value": 5.0, "vector": "NONE"}}, "hash": "6dfc95b77dac8536f2b1edb977268f3f113efe43c61e2e517fc46c34140e623d", "hashmap": [{"hash": "fb98b923c1891391b1cdcc17e27a14f6", "key": "reporter"}, {"hash": "bd31a05efcc83940aaad4c3357c19f46", "key": "href"}, {"hash": "119ba2f108425981240d240f4c412418", "key": "published"}, {"hash": "eea5a64afb0fa069c7be52078dac3037", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "0bafb6325bcaf483a25404f785191cc5", "key": "modified"}, {"hash": "fe858961131851490e536e16b63cfa78", "key": "cvelist"}, {"hash": "8538239b425600b7f049c11c2999215b", "key": "title"}, {"hash": "553be01e3562abcae046ef6bbede1171", "key": "description"}, {"hash": "0f27381968e496fc100cedf9aad78139", "key": "references"}, {"hash": "1286551799ad04d1dc5148f1c2f1dfd9", "key": "cpe"}, {"hash": "2afdb805c17991d2cdeb3b51b1d77857", "key": "pluginID"}, {"hash": "f74a1c24e49a5ecb0eefb5e51d4caa14", "key": "cvss"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/nessus/22819", "id": "DEBIAN_DSA-953.NASL", "lastseen": "2019-10-28T20:10:21", "modified": "2019-10-02T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "22819", "published": "2006-10-14T00:00:00", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "reporter": "This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:20\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "type": "nessus", "viewCount": 2}, "differentElements": ["modified"], "edition": 9, "lastseen": "2019-10-28T20:10:21"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "cvelist": ["CVE-2005-3334"], "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Several cross-site scripting vulnerabilities have been discovered in flyspray, a lightweight bug tracking system, which allows attackers to insert arbitrary script code into the index page.", "edition": 4, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "54beedadcec72536ba4582511ab432899ee15c86e7dc6487ad3b2a17c6430ce7", "hashmap": [{"hash": "9de3954783b966fb3e31185a433eab2d", "key": "href"}, {"hash": "6e9bdd2021503689a2ad9254c9cdf2b3", "key": "cvss"}, {"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "119ba2f108425981240d240f4c412418", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "411730d8b829786dbf2f7ddcb08d9bf5", "key": "sourceData"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fe858961131851490e536e16b63cfa78", "key": "cvelist"}, {"hash": "8538239b425600b7f049c11c2999215b", "key": "title"}, {"hash": "0f27381968e496fc100cedf9aad78139", "key": "references"}, {"hash": "1286551799ad04d1dc5148f1c2f1dfd9", "key": "cpe"}, {"hash": "2afdb805c17991d2cdeb3b51b1d77857", "key": "pluginID"}, {"hash": "86d6f93d80759314a0bc35386ef0213d", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=22819", "id": "DEBIAN_DSA-953.NASL", "lastseen": "2018-08-11T09:37:38", "modified": "2018-08-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "22819", "published": "2006-10-14T00:00:00", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-11T09:37:38"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "cvelist": ["CVE-2005-3334"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Several cross-site scripting vulnerabilities have been discovered in flyspray, a lightweight bug tracking system, which allows attackers to insert arbitrary script code into the index page.", "edition": 5, "enchantments": {"score": {"value": 4.3, "vector": "NONE"}}, "hash": "a36959332ee6d8262def647883d16bf1334181851361bef1ba94834304cd3668", "hashmap": [{"hash": "9de3954783b966fb3e31185a433eab2d", "key": "href"}, {"hash": "9c6fe61712654f56360b12011e3de300", "key": "modified"}, {"hash": "119ba2f108425981240d240f4c412418", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "411730d8b829786dbf2f7ddcb08d9bf5", "key": "sourceData"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "fe858961131851490e536e16b63cfa78", "key": "cvelist"}, {"hash": "8538239b425600b7f049c11c2999215b", "key": "title"}, {"hash": "0f27381968e496fc100cedf9aad78139", "key": "references"}, {"hash": "1286551799ad04d1dc5148f1c2f1dfd9", "key": "cpe"}, {"hash": "2afdb805c17991d2cdeb3b51b1d77857", "key": "pluginID"}, {"hash": "86d6f93d80759314a0bc35386ef0213d", "key": "description"}, {"hash": "74562d71b087df9eabd0c21f99b132cc", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=22819", "id": "DEBIAN_DSA-953.NASL", "lastseen": "2018-08-30T19:58:16", "modified": "2018-08-10T00:00:00", "naslFamily": "Debian Local Security Checks", "objectVersion": "1.3", "pluginID": "22819", "published": "2006-10-14T00:00:00", "references": ["http://www.debian.org/security/2006/dsa-953", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997"], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Debian DSA-953-1 : flyspray - missing input sanitising", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:58:16"}], "edition": 10, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "1286551799ad04d1dc5148f1c2f1dfd9"}, {"key": "cvelist", "hash": "fe858961131851490e536e16b63cfa78"}, {"key": "cvss", "hash": "f74a1c24e49a5ecb0eefb5e51d4caa14"}, {"key": "description", "hash": "553be01e3562abcae046ef6bbede1171"}, {"key": "href", "hash": "bd31a05efcc83940aaad4c3357c19f46"}, {"key": "modified", "hash": "abcf9266f425f12dda38f529cd4a94bc"}, {"key": "naslFamily", "hash": "74562d71b087df9eabd0c21f99b132cc"}, {"key": "pluginID", "hash": "2afdb805c17991d2cdeb3b51b1d77857"}, {"key": "published", "hash": "119ba2f108425981240d240f4c412418"}, {"key": "references", "hash": "0f27381968e496fc100cedf9aad78139"}, {"key": "reporter", "hash": "fb98b923c1891391b1cdcc17e27a14f6"}, {"key": "sourceData", "hash": "eea5a64afb0fa069c7be52078dac3037"}, {"key": "title", "hash": "8538239b425600b7f049c11c2999215b"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "3bc574e6e0c60e85b953d03f2ac5d8c9ecf17ff685f9385015cb91dddcc4b6b1", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3334"]}, {"type": "debian", "idList": ["DEBIAN:DSA-953-1:E8019"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_F4B9543051D811DA8E930010DC4AFB40.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:55841", "OPENVAS:56208"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:11165"]}, {"type": "exploitdb", "idList": ["EDB-ID:26400"]}, {"type": "osvdb", "idList": ["OSVDB:20326"]}], "modified": "2019-11-01T02:25:55"}, "score": {"value": 5.0, "vector": "NONE", "modified": "2019-11-01T02:25:55"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 80502\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-953. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(22819);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2019/08/02 13:32:20\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_xref(name:\"DSA\", value:\"953\");\n\n script_name(english:\"Debian DSA-953-1 : flyspray - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335997\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2006/dsa-953\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the flyspray package.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2006/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/10/14\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"flyspray\", reference:\"0.9.7-2.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "pluginID": "22819", "cpe": ["p-cpe:/a:debian:debian_linux:flyspray", "cpe:/o:debian:debian_linux:3.1"], "scheme": null}
{"cve": [{"lastseen": "2019-05-29T18:08:15", "bulletinFamily": "NVD", "description": "Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9.7 through 0.9.8 (devel) allows remote attackers to inject arbitrary web script or HTML via the (1) PHPSESSID, (2) task, (3) string, (4) type, (5) serv, (6) due, (7) dev, and (8) sort2 parameters.", "modified": "2017-07-11T01:33:00", "id": "CVE-2005-3334", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3334", "published": "2005-10-27T10:02:00", "title": "CVE-2005-3334", "type": "cve", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2019-08-22T02:26:15", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 953-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJanuary 24th, 2006 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : flyspray\nVulnerability : missing input sanitising\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2005-3334\nDebian Bug : 335997\n\nSeveral cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitary script code into the index page.\n\nThe old stable distribution (woody) does not contain flyspray.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\n\nFor the testing (etch) and unstable distribution (sid) this problem has\nbeen fixed in version 0.9.8-5.\n\nWe recommend that you upgrade your flyspray package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1.dsc\n Size/MD5 checksum: 603 b939804b2e4c9c69392cf1c98d0a0997\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1.diff.gz\n Size/MD5 checksum: 18274 aa63664cac0470f94f00b8feda00057a\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7.orig.tar.gz\n Size/MD5 checksum: 347441 9fab03b57e7946f60efc441f2c9b7c4f\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1_all.deb\n Size/MD5 checksum: 343272 d40f8bf3e2e47a762481cf2ed58dcd3b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2006-01-24T00:00:00", "published": "2006-01-24T00:00:00", "id": "DEBIAN:DSA-953-1:E8019", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00026.html", "title": "[SECURITY] [DSA 953-1] New flyspray packages fix cross-site scripting", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2019-11-01T02:40:07", "bulletinFamily": "scanner", "description": "A Secunia Advisory reports :\n\nLostmon has reported some vulnerabilities in Flyspray, which can be\nexploited by malicious people to conduct cross-site scripting attacks.\n\nSome input isn", "modified": "2019-11-02T00:00:00", "id": "FREEBSD_PKG_F4B9543051D811DA8E930010DC4AFB40.NASL", "href": "https://www.tenable.com/plugins/nessus/21537", "published": "2006-05-13T00:00:00", "title": "FreeBSD : flyspray -- XSS vulnerabilities (f4b95430-51d8-11da-8e93-0010dc4afb40)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21537);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2019/08/02 13:32:38\");\n\n script_cve_id(\"CVE-2005-3334\");\n script_bugtraq_id(15209);\n script_xref(name:\"Secunia\", value:\"17316\");\n\n script_name(english:\"FreeBSD : flyspray -- XSS vulnerabilities (f4b95430-51d8-11da-8e93-0010dc4afb40)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A Secunia Advisory reports :\n\nLostmon has reported some vulnerabilities in Flyspray, which can be\nexploited by malicious people to conduct cross-site scripting attacks.\n\nSome input isn't properly sanitised before being returned to the user.\nThis can be exploited to execute arbitrary HTML and script code in a\nuser's browser session in context of an affected site.\"\n );\n # http://lostmon.blogspot.com/2005/10/flyspray-bug-killer-multiple-variable.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?39a1c4e4\"\n );\n # https://vuxml.freebsd.org/freebsd/f4b95430-51d8-11da-8e93-0010dc4afb40.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?48538a77\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:U/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:flyspray\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"flyspray<0.9.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "exploitdb": [{"lastseen": "2016-02-03T03:30:56", "bulletinFamily": "exploit", "description": "Flyspray 0.9 Multiple Cross-Site Scripting Vulnerabilities. CVE-2005-3334. Webapps exploit for php platform", "modified": "2005-10-26T00:00:00", "published": "2005-10-26T00:00:00", "id": "EDB-ID:26400", "href": "https://www.exploit-db.com/exploits/26400/", "type": "exploitdb", "title": "Flyspray 0.9 - Multiple Cross-Site Scripting Vulnerabilities", "sourceData": "source: http://www.securityfocus.com/bid/15209/info\r\n\r\nFlyspray is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input.\r\n\r\nAn attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. \r\n\r\nhttp://www.example.com/index.php?PHPSESSID=270ca5a0f7c1e5b2fd4c\r\n52b34cdfe546&tasks=&project=1&string=lala&type=&sev=&due=\r\n&dev=&cat=&status=&perpage=20\r\n\r\nhttp://www.example.com/index.php?tasks=all%22%3E%3Cscript\r\n%3Ealert%28%29%3C%2Fscript%3E&project=0\r\n\r\nhttp://www.example.com/index.php?order=sev&project=1&tasks=&type=\r\n&sev=&dev=&cat=&status=&due=&string=&perpage=20&pagenum=0&\r\nsort=desc&order2=&sort2=desc ", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/26400/"}], "openvas": [{"lastseen": "2017-07-24T12:49:50", "bulletinFamily": "scanner", "description": "The remote host is missing an update to flyspray\nannounced via advisory DSA 953-1.\n\nSeveral cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\n\nThe old stable distribution (woody) does not contain flyspray.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=56208", "id": "OPENVAS:56208", "title": "Debian Security Advisory DSA 953-1 (flyspray)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_953_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 953-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 0.9.7-2.1.\n\nFor the testing (etch) and unstable distribution (sid) this problem has\nbeen fixed in version 0.9.8-5.\n\nWe recommend that you upgrade your flyspray package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20953-1\";\ntag_summary = \"The remote host is missing an update to flyspray\nannounced via advisory DSA 953-1.\n\nSeveral cross-site scripting vulnerabilities have been discovered in\nflyspray, a lightweight bug tracking system, which allows attackers to\ninsert arbitrary script code into the index page.\n\nThe old stable distribution (woody) does not contain flyspray.\";\n\n\nif(description)\n{\n script_id(56208);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:07:13 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(15209);\n script_cve_id(\"CVE-2005-3334\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"Debian Security Advisory DSA 953-1 (flyspray)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"flyspray\", ver:\"0.9.7-2.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-19T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55841", "id": "OPENVAS:55841", "title": "FreeBSD Ports: flyspray", "type": "openvas", "sourceData": "#\n#VID f4b95430-51d8-11da-8e93-0010dc4afb40\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: flyspray\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/17316/\nhttp://lostmon.blogspot.com/2005/10/flyspray-bug-killer-multiple-variable.html\nhttp://www.vuxml.org/freebsd/f4b95430-51d8-11da-8e93-0010dc4afb40.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55841);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-3334\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_name(\"FreeBSD Ports: flyspray\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"flyspray\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.9.8\")<=0) {\n txt += 'Package flyspray version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:17", "bulletinFamily": "software", "description": "## Vulnerability Description\nFlyspray contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'PHPSESSID', 'tasks', 'string', 'type', 'serv', 'due', 'dev', and 'sort2' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nUpgrade to version 0.9.8 (2005-11-01) or higher, as it has been reported to fix this vulnerability. Note that this flaw was fixed in the 2005-11-01 release without a change in version number. An upgrade is required as there are no known workarounds.\n## Short Description\nFlyspray contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'PHPSESSID', 'tasks', 'string', 'type', 'serv', 'due', 'dev', and 'sort2' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Manual Testing Notes\nhttp://[target]/index.php?PHPSESSID=270ca5a0f7c1e5b2fd4c52b34cdfe546&tasks=&project=1&string=lala&type=&sev=&due=&dev=&cat=&status=&perpage=20\n\nhttp://[target]/index.php?tasks=all%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&project=0\n\nhttp://[target]/index.php?order=sev&project=1&tasks=&type=&sev=&dev=&cat=&status=&due=&string=&perpage=20&pagenum=0&sort=desc&order2=&sort2=desc\n## References:\nVendor URL: http://flyspray.rocks.cc/\nVendor Specific News/Changelog Entry: http://tony.rocks.cc/23\n[Secunia Advisory ID:17316](https://secuniaresearch.flexerasoftware.com/advisories/17316/)\n[Secunia Advisory ID:18606](https://secuniaresearch.flexerasoftware.com/advisories/18606/)\nOther Advisory URL: http://lostmon.blogspot.com/2005/10/flyspray-bug-killer-multiple-variable.html\nOther Advisory URL: http://www.debian.org/security/2006/dsa-953\nISS X-Force ID: 22889\n[CVE-2005-3334](https://vulners.com/cve/CVE-2005-3334)\nBugtraq ID: 15209\n", "modified": "2005-10-26T11:30:50", "published": "2005-10-26T11:30:50", "href": "https://vulners.com/osvdb/OSVDB:20326", "id": "OSVDB:20326", "type": "osvdb", "title": "Flyspray index.php Multiple Variable XSS", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:15", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 953-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nJanuary 24th, 2006 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : flyspray\r\nVulnerability : missing input sanitising\r\nProblem-Type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2005-3334\r\nDebian Bug : 335997\r\n\r\nSeveral cross-site scripting vulnerabilities have been discovered in\r\nflyspray, a lightweight bug tracking system, which allows attackers to\r\ninsert arbitary script code into the index page.\r\n\r\nThe old stable distribution (woody) does not contain flyspray.\r\n\r\nFor the stable distribution (sarge) this problem has been fixed in\r\nversion 0.9.7-2.1.\r\n\r\nFor the testing (etch) and unstable distribution (sid) this problem has\r\nbeen fixed in version 0.9.8-5.\r\n\r\nWe recommend that you upgrade your flyspray package.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.1 alias sarge\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1.dsc\r\n Size/MD5 checksum: 603 b939804b2e4c9c69392cf1c98d0a0997\r\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1.diff.gz\r\n Size/MD5 checksum: 18274 aa63664cac0470f94f00b8feda00057a\r\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7.orig.tar.gz\r\n Size/MD5 checksum: 347441 9fab03b57e7946f60efc441f2c9b7c4f\r\n\r\n Architecture independent components:\r\n\r\n http://security.debian.org/pool/updates/main/f/flyspray/flyspray_0.9.7-2.1_all.deb\r\n Size/MD5 checksum: 343272 d40f8bf3e2e47a762481cf2ed58dcd3b\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.2 (GNU/Linux)\r\n\r\niD8DBQFD1lbjW5ql+IAeqTIRAtvIAJ9Xc/OXlxlooe3fYoxpHFdZ2vBb/QCfUj6i\r\nQwgzDfL5IVqTB15e20XuVkY=\r\n=tpjE\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "modified": "2006-01-24T00:00:00", "published": "2006-01-24T00:00:00", "id": "SECURITYVULNS:DOC:11165", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:11165", "title": "[Full-disclosure] [SECURITY] [DSA 953-1] New flyspray packages fix cross-site scripting", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}]}