Debian Security Advisory DSA 1827-1 (ipplan) Network Vulnerability

Summary

The remote host is missing an update to ipplan announced via advisory DSA 1827-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201827-1

Insight

It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks. For the stable distribution (lenny), this problem has been fixed in version 4.86a-7+lenny1. The oldstable distribution (etch) does not contain ipplan. For the testing distribution (squeeze) this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 4.91a-1.1. We recommend that you upgrade your ipplan packages.

Severity

Classification

CVE CVE-2009-1732
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 001-1 (ed)
Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1096-1 (webcalendar)
Debian Security Advisory DSA 1107-1 (gnupg)

Take action and discover your vulnerabilities