CVE-2006-3328 - new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication crede

CVE-2006-3328

Summary

new_ticket.cgi in Hostflow 2.2.1-15 allows remote attackers to steal and replay authentication credentials via an IMG tag in the desc parameter ("Ticket Description" field) that points to a URL that captures referer URLs, possibly due to a cross-site scripting (XSS) vulnerability or a leak of credentials in referer URLs.

References

Vulnerable Configurations

cpe:2.3:a:starflow_software:hostflow:2.2.1.15:*:*:*:*:*:*:*
cpe:2.3:a:starflow_software:hostflow:2.2.1.15:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:N

refmap via4

bid	18695
misc	http://pridels0.blogspot.com/2006/06/hostflow-vuln.html
osvdb	26872
secunia	20863
vupen	ADV-2006-2570
xf	hostflow-ticketdescription-xss(27426)

Last major update

20-07-2017 - 01:32

Published

30-06-2006 - 23:05

Last modified

20-07-2017 - 01:32