The remote host is missing an update to sitebar announced via advisory DSA 1130-1. A a cross-site scripting vulnerability has been discovered in sitebar, a web based bookmark manager written in PHP, which allows remote attackers to inject arbitrary web script or HTML.
For the stable distribution (sarge) this problem has been fixed in version 3.2.6-7.1. For the unstable distribution (sid) this problem has been fixed in version 3.3.8-1.1. We recommend that you upgrade your sitebar package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201130-1
- Debian Security Advisory DSA 2594-1 (virtualbox-ose - programming error)
- Debian Security Advisory DSA 2731-1 (libgcrypt11 - information leak)
- Debian Security Advisory DSA 1945-1 (gforge)
- Debian Security Advisory DSA 1326-1 (fireflier-server)
- Debian Security Advisory DSA 2650-2 (libvirt - files and device nodes ownership change to kvm group)