Fedora 8 : moin-1.5.8-4.fc8 (2008-1905)

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Wed Feb 20 2008 Lubomir Kundrak <lkundrak at redhat.com>
1.5.8-4

- Fix CVE-2008-0780 XSS in login action (2f952fa361c7)

- Fix CVE-2008-0781 multiple XSS in AttachFile action
(db212dfc58ef)

- Fri Feb 8 2008 Matthias Saou <http://freshrpms.net/>
1.5.8-3

- Include e69a16b6e630 1.5 changeset as cookieidfix
(#432017).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://freshrpms.net/
https://bugzilla.redhat.com/show_bug.cgi?id=432747
https://bugzilla.redhat.com/show_bug.cgi?id=432748
http://www.nessus.org/u?27c158a9

Solution :

Update the affected moin package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: Fedora Local Security Checks

Nessus Plugin ID: 31153 (fedora_2008-1905.nasl)

Bugtraq ID:

CVE ID: CVE-2008-0780
CVE-2008-0781

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now