Nessus Plugin #15393
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
IMP HTML MIME Viewer XSS Vulnerabilities
- Family:
- CGI abuses : XSS
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2003-2004 George A. Theall
- Summary:
- Checks for HTML MIME Viewer XSS vulnerabilities in IMP
- Version:
- $Revision: 1.2 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
The target is running at least one instance of IMP whose version number
is between 3.0 and 3.2.5 inclusive. Such versions are vulnerable to
several XSS attacks when viewing HTML messages with the HTML MIME viewer
and certain browsers. For additional information, see the 3.2.6 release
announcement:
http://lists.horde.org/archives/imp/Week-of-Mon-20040920/039246.html
***** Nessus has determined the vulnerability exists on the target
***** simply by looking at the version number of IMP installed there.
Solution : Upgrade to IMP version 3.2.6 or later.
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.