EUVD-2001-0792

Malware in sbrugna...

EUVD-2007-2800

Malware in sbrugna...

[SECURITY] [DSA 1486-1] New gnatsweb packages fix cross-site scripting

------------------------------------------------------------------------ Debian Security Advisory DSA-1486-1 [email protected] http://www.debian.org/security/ Steve Kemp February 04, 2008 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 1486-1 (gnatsweb)

The remote host is missing an update to gnatsweb announced via advisory DSA 1486-1. OpenVAS Vulnerability Test $Id: deb14861.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1486-1 gnatsweb Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian: Security Advisory (DSA-1486-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1486-1 : gnatsweb - XSS

'r0t' discovered that gnatsweb, a web interface to GNU GNATS, did not correctly sanitize the database parameter in the main CGI script. This could allow the injection of arbitrary HTML, or JavaScript code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package check...

DSA-1486-1 gnatsweb - cross-site scripting

Bulletin has no description...

Cross site scripting

Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...

CVE-2007-2808

Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...

CVE-2007-2808

Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...

CVE-2007-2808

CVE-2007-2808 affects gnatsweb/gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99, where inadequate sanitization of the database parameter in the main CGI script allows remote XSS via arbitrary HTML/script. Debian's DSA-1486-1 notes the fix in gnatsweb 4.00-1etch1, indicating remediation by upgrading ...

CVE-2007-2808

Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...

CVE-2001-0808

gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the helpfile parameter...

CVE-2001-0808

gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the helpfile parameter...

CVE-2001-0808

GNATS GnatsWeb 2.7–3.95 is affected by CVE-2001-0808 where remote attackers can execute arbitrary commands via certain characters in the help_file parameter. The underlying cause is a command-execution input handling issue in gnatsweb.pl. Documented impact is arbitrary command execution with netw...

gnats update

Hia, I found a securityhole in gnatsweb. The author was contacted and a patch was provided within hours. People running the following versions should upgrade: - Gnatsweb 2.7 beta - Gnatsweb 2.8.0 - Gnatsweb 2.8.1 - Gnatsweb 3.95 for GNATS 4, versions from CVS prior to June 26 The patch, and more...