Summary
The remote host is missing an update to phpldapadmin announced via advisory DSA 1057-1.
Several cross-site scripting vulnerabilities have been discovered in phpLDAPadmin, a web based interface for administering LDAP servers, tha allows remote attackers to inject arbitrary web script or HTML.
The old stable distribution (woody) does not contain phpldapadmin packages.
Solution
For the stable distribution (sarge) these problems have been fixed in version 0.9.5-3sarge3.
For the unstable distribution (sid) these problems have been fixed in version 0.9.8.3-1.
We recommend that you upgrade your phpldapadmin package.
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201057-1
Severity
Classification
-
CVE CVE-2006-2016 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N
Related Vulnerabilities