Lucene search
GoogleOSV:DSA-1633-1HistorySep 01, 2008 - 12:00 a.m.
slash - multiple vulnerabilities
2008-09-0100:00:00
Google
osv.dev
10
EPSS
0.005
Percentile
76.4%
It has been discovered that Slash, the Slashdot Like Automated
Storytelling Homepage suffers from two vulnerabilities related to
insufficient input sanitation, leading to execution of SQL commands
(CVE-2008-2231) and cross-site scripting (CVE-2008-2553).
For the stable distribution (etch), these problems have been fixed in
version 2.2.6-8etch1.
In the unstable distribution (sid), the slash package is currently
uninstallable and will be removed soon.
We recommend that you upgrade your slash package.
References
Related
debian
debian
[SECURITY] [DSA 1633-1] New slash packages fix multiple vulnerabilities
2008-09-01 18:45:03
openvas
openvas
Debian: Security Advisory (DSA-1633-1)
2008-09-17 00:00:00
Debian Security Advisory DSA 1633-1 (slash)
2008-09-17 00:00:00
nessus
nessus
Debian DSA-1633-1 : slash - SQL Injection, XSS
2008-09-05 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2008-2553
2008-06-05 20:21:00
CVE-2008-2231
2008-06-05 20:21:00
ubuntucve
ubuntucve
CVE-2008-2553
2008-06-05 00:00:00
CVE-2008-2231
2008-06-05 00:00:00
nvd
nvd
CVE-2008-2553
2008-06-05 20:32:00
CVE-2008-2231
2008-06-05 20:32:00
cve
cve
CVE-2008-2553
2008-06-05 20:32:00
CVE-2008-2231
2008-06-05 20:32:00
prion
prion
Cross site scripting
2008-06-05 20:32:00
Sql injection
2008-06-05 20:32:00