Vulnerability Bulletins

int(1586)

Vulnerability Bulletins

Múltiples vulnerabilidades de cross site scripting en phpsysinfo
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Aumento de la visibilidad
Dificulty	Avanzado
Required attacker level	Acceso remoto sin cuenta a un servicio exotico
System information
Property	Value
Affected manufacturer	GNU/Linux
Affected software	phpsysinfo
Description
Se han descubierto múltiples vulnerabilidades de cross site scripting en phpsysinfo. Las vulnerabilidades residen en el manejo del parámetro sensor_program en index.php y los parámetros text[language, text[template] y hide_picklist en system_footer.php. La explotación de estas vulnerabilidades podría permitir a un atacante remoto ejecutar código arbitrario mediante el uso de enlaces especialmente diseñados que hagan uso de la aplicación vulnerable y que la víctima debe visitar.
Solution
Actualización de software Debian Debian Linux 3.0 Source http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3.dsc http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3.diff.gz http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.0-3woody3_all.deb Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1.dsc http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1.diff.gz http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/p/phpsysinfo/phpsysinfo_2.3-4sarge1_all.deb Debian (phpgroupware) Debian Linux 3.0 Source http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody5.dsc http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody5.diff.gz http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-addressbook_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-admin_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-api-doc_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-api_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-bookkeeping_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-bookmarks_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-brewer_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-calendar_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-chat_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-chora_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-comic_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-core-doc_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-core_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-developer-tools_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-dj_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-eldaptir_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-email_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-filemanager_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-forum_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-ftp_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-headlines_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-hr_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-img_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-infolog_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-inv_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-manual_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-messenger_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-napster_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-news-admin_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-nntp_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-notes_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phonelog_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpsysinfo_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpwebhosting_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-polls_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-preferences_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-projects_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-registration_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-setup_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-skel_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-soap_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-stocks_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-todo_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-tts_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-wap_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-weather_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-xmlrpc_0.9.14-0.RC3.2.woody5_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody5_all.deb Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.005-3.sarge4.dsc http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.005-3.sarge4.diff.gz http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.005.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-addressbook_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-admin_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-bookmarks_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-calendar_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-chat_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-comic_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-core_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-developer-tools_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-dj_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-eldaptir_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-email_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-etemplate_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-felamimail_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-filemanager_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-folders_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-forum_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-ftp_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-fudforum_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-headlines_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-hr_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-img_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-infolog_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-manual_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-messenger_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-news-admin_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-nntp_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-notes_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phonelog_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpbrain_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpgwapi_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpsysinfo_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-polls_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-preferences_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-projects_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-qmailldap_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-registration_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-setup_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-sitemgr_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-skel_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-soap_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-stocks_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-todo_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-tts_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-wiki_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-xmlrpc_0.9.16.005-3.sarge4_all.deb http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.16.005-3.sarge4_all.deb Mandriva Corporate Server 3.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-addressbook-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-backup-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-bookmarks-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-calendar-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-comic-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-developer_tools-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-email-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-emailadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-etemplate-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-felamimail-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-filemanager-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-forum-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-ftp-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-fudforum-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-headlines-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-infolog-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-jinn-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-messenger-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-news_admin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-phpbrain-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-phpldapadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-phpsysinfo-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-polls-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-projects-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-registration-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-sitemgr-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-skel-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-stocks-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-tts-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/egroupware-wiki-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/egroupware-1.0-0.RC3.1.1.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-addressbook-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-backup-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-bookmarks-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-calendar-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-comic-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-developer_tools-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-email-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-emailadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-etemplate-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-felamimail-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-filemanager-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-forum-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-ftp-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-fudforum-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-headlines-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-infolog-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-jinn-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-messenger-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-news_admin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-phpbrain-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-phpldapadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-phpsysinfo-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-polls-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-projects-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-registration-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-sitemgr-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-skel-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-stocks-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-tts-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/egroupware-wiki-1.0-0.RC3.1.1.C30mdk.noarch.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/egroupware-1.0-0.RC3.1.1.C30mdk.src.rpm Debian (egroupware) Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1.0.0.007-2.dfsg-2sarge4.dsc http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1.0.0.007-2.dfsg-2sarge4.diff.gz http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1.0.0.007-2.dfsg.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/e/egroupware/egroupware-addressbook_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-bookmarks_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-calendar_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-comic_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-core_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-developer-tools_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-email_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-emailadmin_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-etemplate_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-felamimail_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-filemanager_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-forum_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-ftp_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-fudforum_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-headlines_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-infolog_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-jinn_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-ldap_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-manual_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-messenger_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-news-admin_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-phpbrain_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-phpldapadmin_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-phpsysinfo_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-polls_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-projects_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-registration_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-sitemgr_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-stocks_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-tts_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware-wiki_1.0.0.007-2.dfsg-2sarge4_all.deb http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1.0.0.007-2.dfsg-2sarge4_all.deb
Standar resources
Property	Value
CVE	CAN-2005-0870
BID
Other resources
Debian Security Advisory DSA 724-1 http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00107.html Debian Security Advisory (DSA 897-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00295.html Debian Security Advisory (DSA 899-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00297.html Debian Security Advisory (DSA 898-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00296.html Mandriva Security Advisory (MDKSA-2005:212) http://www.mandriva.com/security/advisories?name=MDKSA-2005:212

Version history
Version	Comments	Date
1.0	Aviso emitido	2005-05-19
1.1	Aviso emitido por Debian (DSA 897-1). Aviso emitido por Mandriva (MDKSA-2005:212)	2005-11-17
1.2	Aviso emitido por Debian (DSA 898-1, DSA 899-1)	2005-11-21

Vulnerability Bulletins

Múltiples vulnerabilidades de cross site scripting en phpsysinfo

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history