S-263: mapserver Vulnerabilities


 
04-10-2008

The risk is LOW. The vulnerabilities could lead to cross-site scripting or a stack-based buffer overrun, allowing a remote attacker to execute arbitrary code with the privileges of the CGI or httpd user. There are two vulnerabilities in mapserver, a development environment for spatial and mapping applications:

1) lack of input sanitizing and output escaping in the CGI mapserver's template handling and error reporting routines; and
2) missing bounds checking in mapserver's template handling.
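The two defect classes named above can be addressed together in a CGI error path. The following is an added example, not MapServer's code: the function names, the buffer sizes and the "Unknown layer" message are hypothetical. It escapes request-supplied text before it reaches HTML output and checks the destination bounds before every write.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: HTML-escape `in` into `out` (outsz bytes).
 * Returns the escaped length, or -1 if it would not fit; on failure
 * `out` is emptied so a partial value is never emitted. */
int escape_html(const char *in, char *out, size_t outsz)
{
    size_t used = 0;
    if (out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';
    if (in == NULL)
        return -1;
    for (; *in != '\0'; in++) {
        char one[2] = { *in, '\0' };
        const char *rep = one;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t n = strlen(rep);
        if (n >= outsz - used) {      /* bounds check, keeps room for NUL */
            out[0] = '\0';
            return -1;
        }
        memcpy(out + used, rep, n);
        used += n;
        out[used] = '\0';
    }
    return (int)used;
}

/* Hypothetical error reporter: the request parameter passes through a
 * fixed-size stack buffer, the pattern where an unchecked copy overruns. */
int format_error(const char *param, char *msg, size_t msgsz)
{
    char safe[64];
    if (escape_html(param, safe, sizeof safe) < 0)
        return escape_html("invalid parameter (too long)", msg, msgsz);
    int n = snprintf(msg, msgsz, "Unknown layer: %s", safe);
    return (n < 0 || (size_t)n >= msgsz) ? -1 : n;
}
```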

