7 matches found
Mandriva Security Advisory MDVSA-2009:322 (mono)
The remote host is missing an update to mono announced via advisory MDVSA-2009:322. OpenVAS Vulnerability Test $Id: mdksa2009322.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:322 mono Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Ubuntu USN-826-1 (mono)
The remote host is missing an update to mono announced via advisory USN-826-1. OpenVAS Vulnerability Test $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ $Id: ubuntu8261.nasl 8616 2018-02-01 08:24:13Z cfischer $ Description: Auto-generated from advisory USN-826-1 mono Authors: Thomas...
USN-826-1: Mono vulnerabilities
It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. CVE-2009-0217 It was discovered that Mono did not properly escape certain attributes in th...
openSUSE Security Update : bytefx-data-mysql (bytefx-data-mysql-173)
This patch fixes two security problems and one critical bug : Makes sure that values of all the tags which can be exploited are encoded to make sure no exploit is possible. CVE-2008-3422 A header injection problem in Sys.Web was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
openSUSE 10 Security Update : bytefx-data-mysql (bytefx-data-mysql-5558)
This patch fixes two security problems and one critical bug : Makes sure that values of all the tags which can be exploited are encoded to make sure no exploit is possible. CVE-2008-3422 A header injection problem in Sys.Web was fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
SuSE 10 Security Update : Mono (ZYPP Patch Number 5560)
This patch fixes two security problems and one critical bug : Makes sure that values of all the tags which can be exploited are encoded to make sure no exploit is possible. CVE-2008-3422 A header injection problem in Sys.Web was fixed. Fix a problem with the Novell.Directory.Ldap.dll as exposed b...
CVE-2008-3422
CVE-2008-3422 is a known XSS vulnerability in the ASP.NET class libraries of Mono 2.0 and earlier, exploitable via crafted attributes in HtmlControl, HtmlForm, HtmlInputButton, HtmlInputRadioButton, and HtmlSelect. Connected notes from SUSE/Mandriva advisories reiterate this issue (alongside CVE-...