Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

CVE-2006-2042

from [jfvanmeter] Network Security [Permanent Link]
Subject: CVE-2006-2042
Date: Mon, 09 Apr 2007 13:11:51 +0000 
Good Morning , I'm working on a  vulnerabiltiy assessment for a workstation 
that has Macromedia Suite 8 installed. 

Nessus reported that Macromedia Dreamweaver version 8.0.0.2734 was installed 
and there are multiple SQL Injection vulnerabilities in the code generated by 
Macromedia Dreamweaver prior to version 8.0.2. 

Plug in 20811 shows the Dreamweaver version 8.0.0.2734 installed, but I was 
unable to find any plug in to alert for CVE-2006-2042 ( 
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2042 )? 

NIST rates the severity of this vulnerability as a high. The vulnerability is 
remotely exploitable and does not require authentication to exploit. 
Impact Type: Provides unauthorized access, Allows partial confidentiality, 
integrity, and availability violation , Allows disruption of service

The solution to the problem is to Install the free updater so the Dreamweaver 
is updated to  version 8.0.2 and recreate the server components to use the new 
more secure code. 

I just wanted to check and make sure that my software is working correctly, and 
that I didn't miss a check for the Dreamweaver version being out of date.


Thank You 
Take Care and Have Fun --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  converting from windows client format to nbe, Doug Nordwall
Next by Date:  Giving Nessus Reports to clients -- Licensing, Legal, etc, Jon D
Previous by Thread:  converting from windows client format to nbe, Doug Nordwall
Next by Thread:  Re: CVE-2006-2042, George A. Theall
Indexes:  [Date] [Thread] [Top] [All Lists]