var-200505-1057
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. Specifically a cross-site scripting issue and an HTML injection issue affect the vulnerable device. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks, potentially leading to a compromise of the affected device. SonicWALL Pro 230 firmware 6.5.0.3 is reported vulnerable to these issues as well. SonicWALL SOHO is a tool that provides network INTERNET security connection.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: SonicWALL SOHO series Cross-Site Scripting and Script Injection
SECUNIA ADVISORY ID: SA14823
VERIFY ADVISORY: http://secunia.com/advisories/14823/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: SonicWALL SOHO series http://secunia.com/product/223/
DESCRIPTION: Oliver Karow has reported two vulnerabilities in SonicWALL SOHO series, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
1) Input passed in the URL path is not properly sanitised before being returned to the user.
Example: http://[host]/[code]
2) Input passed to the username in the login page is not properly sanitised before being used. Other versions may also be affected.
SOLUTION: Restrict access to the web interface to prevent the script insertion vulnerability.
PROVIDED AND/OR DISCOVERED BY: Oliver Karow
ORIGINAL ADVISORY: http://www.oliverkarow.de/research/SonicWall.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-1057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "soho",
"scope": "eq",
"trust": 1.9,
"vendor": "sonicwall",
"version": "5.1.7.0"
},
{
"model": "pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "2306.5.0.3"
}
],
"sources": [
{
"db": "BID",
"id": "12984"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Oliver Karow Oliver.karow@gmx.de",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1006",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2005-1006",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-12215",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2005-1006",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-320",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-12215",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12215"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. \nSpecifically a cross-site scripting issue and an HTML injection issue affect the vulnerable device. \nAn attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks, potentially leading to a compromise of the affected device. \nSonicWALL Pro 230 firmware 6.5.0.3 is reported vulnerable to these issues as well. SonicWALL SOHO is a tool that provides network INTERNET security connection. \n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nSonicWALL SOHO series Cross-Site Scripting and Script Injection\n\nSECUNIA ADVISORY ID:\nSA14823\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14823/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSonicWALL SOHO series\nhttp://secunia.com/product/223/\n\nDESCRIPTION:\nOliver Karow has reported two vulnerabilities in SonicWALL SOHO\nseries, which can be exploited by malicious people to conduct\ncross-site scripting and script insertion attacks. \n\n1) Input passed in the URL path is not properly sanitised before\nbeing returned to the user. \n\nExample:\nhttp://[host]/[code]\n\n2) Input passed to the username in the login page is not properly\nsanitised before being used. Other versions may also be affected. \n\nSOLUTION:\nRestrict access to the web interface to prevent the script insertion\nvulnerability. \n\nPROVIDED AND/OR DISCOVERED BY:\nOliver Karow\n\nORIGINAL ADVISORY:\nhttp://www.oliverkarow.de/research/SonicWall.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1006"
},
{
"db": "BID",
"id": "12984"
},
{
"db": "VULHUB",
"id": "VHN-12215"
},
{
"db": "PACKETSTORM",
"id": "36968"
}
],
"trust": 1.35
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-12215",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12215"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-1006",
"trust": 2.0
},
{
"db": "BID",
"id": "12984",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14823",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "15262",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "15261",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1013638",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320",
"trust": 0.7
},
{
"db": "SEEBUG",
"id": "SSVID-78994",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "25331",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-12215",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36968",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12215"
},
{
"db": "BID",
"id": "12984"
},
{
"db": "PACKETSTORM",
"id": "36968"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"id": "VAR-200505-1057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12215"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:07:12.733000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SonicWALL SOHO Web Fixes for Remote Input Validation Error Vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=197203"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.oliverkarow.de/research/sonicwall.txt"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/12984"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-04/0041.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/15261"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/15262"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013638"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/14823"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19958"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19960"
},
{
"trust": 0.3,
"url": "http://www.sonicwall.com"
},
{
"trust": 0.3,
"url": "/archive/1/394869"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/14823/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/223/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://[host]/[code]"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12215"
},
{
"db": "BID",
"id": "12984"
},
{
"db": "PACKETSTORM",
"id": "36968"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12215"
},
{
"db": "BID",
"id": "12984"
},
{
"db": "PACKETSTORM",
"id": "36968"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-12215"
},
{
"date": "2005-04-04T00:00:00",
"db": "BID",
"id": "12984"
},
{
"date": "2005-04-17T06:53:52",
"db": "PACKETSTORM",
"id": "36968"
},
{
"date": "2005-04-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-12215"
},
{
"date": "2009-07-12T11:56:00",
"db": "BID",
"id": "12984"
},
{
"date": "2022-06-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-320"
},
{
"date": "2024-11-20T23:56:23.390000",
"db": "NVD",
"id": "CVE-2005-1006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SonicWALL SOHO Web Remote Input Validation Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "36968"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-320"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…