DSA-1827-1 ipplan -- insufficient input sanitisingID: oval:org.secpod.oval:def:600489 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks. For the stable distribution , this problem has been fixed in version 4.86a-7+lenny1. The oldstable distribution does not contain ipplan. For the testing distribution this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 4.91a-1.1. We recommend that you upgrade your ipplan packages.