Debian Security Advisory DSA 1827-1 (ipplan) Network Vulnerability

Summary

The remote host is missing an update to ipplan announced via advisory DSA 1827-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201827-1

Insight

It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks. For the stable distribution (lenny), this problem has been fixed in version 4.86a-7+lenny1. The oldstable distribution (etch) does not contain ipplan. For the testing distribution (squeeze) this problem will be fixed soon. For the unstable distribution (sid), this problem has been fixed in version 4.91a-1.1. We recommend that you upgrade your ipplan packages.

Severity

Classification

CVE CVE-2009-1732

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1094-1 (gforge)
Debian Security Advisory DSA 1155-2 (sendmail)
Debian Security Advisory DSA 088-1 (fml)
Debian Security Advisory DSA 1027-1 (mailman)

Take action and discover your vulnerabilities