TYPO3 Multiple Vulnerabilities Feb10 Network Vulnerability

Summary

This host is installed with TYPO3 and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow remote attackers to get sensitive information or execute arbitrary scripts. Impact Level: Application

Solution

Upgrade to TYPO3 version 4.2.12, 4.3.2 or later, For updates refer to, http://typo3.org/

Insight

Multiple error exists in the application, - An error exist in backend, which fails to sanitize certain user input. - An error exist in the frontend, which is caused by improper validation of user-supplied input by the index.php script .

Affected

TYPO3 versions 4.2.11 and below, 4.3.1 and below

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/62553
http://secunia.com/advisories/38668/
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-004

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
Apache ActiveMQ Multiple Vulnerabilities
Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
Apache mod_proxy_ajp Information Disclosure Vulnerability
Ampache Reflected Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities