Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA914] DSA-914-1 horde2


Vulnerability Assessment Details

[DSA914] DSA-914-1 horde2

Vulnerability Assessment Summary
DSA-914-1 horde2

Detailed Explanation for this Vulnerability Assessment

A vulnerability has been discovered in horde2, a web application
suite, that permits attackers to insert arbitrary script code into the
error web page.
The old stable distribution (woody) does not contain horde2 packages.
For the stable distribution (sarge) this problem has been fixed in
version 2.2.8-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.2.9-1.
We recommend that you upgrade your horde2 package.


Solution : http://www.debian.org/security/2005/dsa-914
Network Security Threat Level: High

Networks Security ID: 15409

Vulnerability Assessment Copyright: This script is (C) 2007 Michel Arboi

Cables, Connectors

JUNIPER NETWORKS SA 2000 SA2000 SECURE ACCESS VPN FIREWALL SECURITY APPLIANCE
$178.74
JUNIPER NETWORKS SA 2000 SA2000 SECURE ACCESS VPN FIREWALL SECURITY APPLIANCE pictureWatchGuard Firebox M400 Network Security/Firewall Appliance WGM40061
$2829.75
WatchGuard Firebox M400 Network Security/Firewall Appliance WGM40061 pictureWatchGuard Firebox M300 Network Security/Firewall Appliance WGM30001
$1595.85
WatchGuard Firebox M300 Network Security/Firewall Appliance WGM30001 pictureDell SonicWall TZ 210 Wireless N Network Security Firewall - Complete - Working
$75.0
Dell SonicWall TZ 210 Wireless N Network Security Firewall - Complete - Working picture


Discussions

No Discussions have been posted on this vulnerability.