var-200812-0243
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver; unspecified parameters in the (2) IP Configuration, (3) Administration, (4) Journal Accounts, (5) Retention Policy, and (6) GroupWise Sync components in Message Archiver; (7) input to search operations in Web Filter; and (8) input used in error messages and (9) hidden INPUT elements in (a) Spam Firewall, (b) IM Firewall, and (c) Web Filter. plural Barracuda Product index.cgi Contains a cross-site scripting vulnerability.By any third party through the following process Web Script or HTML May be inserted. Multiple Barracuda products are prone to multiple input-validation vulnerabilities, including multiple cross-site scripting vulnerabilities, an HTML-injection vulnerability, and an SQL-injection vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Versions prior to the following are affected: Barracuda Message Archiver to 1.2.1.002. Barracuda Spam Firewall 3.5.12.007 and prior Barracuda Web Filter 3.3.0.052 and prior Barracuda IM Firewall 3.1.01.017 and prior Barracuda Load Balancer 2.3.024 and prior. Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. ----------------------------------------------------------------------
Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more: http://secunia.com/advisories/business_solutions/
TITLE: Barracuda Products Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA33164
VERIFY ADVISORY: http://secunia.com/advisories/33164/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: Barracuda Spam Firewall http://secunia.com/advisories/product/4639/ Barracuda IM Firewall http://secunia.com/advisories/product/20790/ Barracuda Load Balancer http://secunia.com/advisories/product/20791/ Barracuda Message Archiver http://secunia.com/advisories/product/20788/ Barracuda Web Filter http://secunia.com/advisories/product/20789/
DESCRIPTION: Dr.
Input passed to various parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
SOLUTION: Update to the latest version. Marian Ventuneac, Data Communications Security Laboratory, University of Limerick
ORIGINAL ADVISORY: Barracuda Networks: http://www.barracudanetworks.com/ns/support/tech_alert.php
Dr. Marian Ventuneac: http://dcsl.ul.ie/advisories/02.htm http://dcsl.ul.ie/advisories/03.htm
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200812-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web filter",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "3.3.0.038"
},
{
"model": "load balancer",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "2.2.006"
},
{
"model": "im firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "3.0.01.008"
},
{
"model": "message archiver",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "1.1.0.010"
},
{
"model": "spam firewall",
"scope": "lte",
"trust": 1.0,
"vendor": "barracuda",
"version": "3.5.11.020"
},
{
"model": "web filter",
"scope": "eq",
"trust": 0.9,
"vendor": "barracuda",
"version": "3.3.0.038"
},
{
"model": "spam firewall",
"scope": "eq",
"trust": 0.9,
"vendor": "barracuda",
"version": "3.5.11.020"
},
{
"model": "message archiver",
"scope": "eq",
"trust": 0.9,
"vendor": "barracuda",
"version": "1.1.0.010"
},
{
"model": "im firewall",
"scope": "eq",
"trust": 0.9,
"vendor": "barracuda",
"version": "3.0.01.008"
},
{
"model": "spam firewall",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "3.5.11.025"
},
{
"model": "web filter",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "3.3.0.052"
},
{
"model": "im firewall",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "3.1.01.017"
},
{
"model": "load balancer",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "2.3.024"
},
{
"model": "message archiver",
"scope": "lt",
"trust": 0.8,
"vendor": "barracuda",
"version": "1.2.1.002"
},
{
"model": "load balancer",
"scope": "eq",
"trust": 0.6,
"vendor": "barracuda",
"version": "2.2.006"
},
{
"model": "load balancer",
"scope": "eq",
"trust": 0.3,
"vendor": "barracuda",
"version": "2.2.6"
},
{
"model": "web filter",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.3.0.052"
},
{
"model": "spam firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.5.12.007"
},
{
"model": "message archiver",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "1.2.1.002"
},
{
"model": "load balancer",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "2.3.24"
},
{
"model": "im firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "barracuda",
"version": "3.1.01.017"
}
],
"sources": [
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_spam_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_web_filter",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_im_firewall",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_load_balancer",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:barracuda_networks:barracuda_message_archiver",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marian Ventuneac\u203b marian.ventuneac@ul.ie",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
}
],
"trust": 0.6
},
"cve": "CVE-2008-0971",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2008-0971",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-31096",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-0971",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2008-0971",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNNVD",
"id": "CNNVD-200812-369",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-31096",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2008-0971",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or HTML via (1) the Policy Name field in Search Based Retention Policy in Message Archiver; unspecified parameters in the (2) IP Configuration, (3) Administration, (4) Journal Accounts, (5) Retention Policy, and (6) GroupWise Sync components in Message Archiver; (7) input to search operations in Web Filter; and (8) input used in error messages and (9) hidden INPUT elements in (a) Spam Firewall, (b) IM Firewall, and (c) Web Filter. plural Barracuda Product index.cgi Contains a cross-site scripting vulnerability.By any third party through the following process Web Script or HTML May be inserted. Multiple Barracuda products are prone to multiple input-validation vulnerabilities, including multiple cross-site scripting vulnerabilities, an HTML-injection vulnerability, and an SQL-injection vulnerability. \nExploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nVersions prior to the following are affected:\nBarracuda Message Archiver to 1.2.1.002. \nBarracuda Spam Firewall 3.5.12.007 and prior\nBarracuda Web Filter 3.3.0.052 and prior\nBarracuda IM Firewall 3.1.01.017 and prior\nBarracuda Load Balancer 2.3.024 and prior. Barracuda Spam Firewall is an integrated hardware and software spam solution for protecting mail servers. ----------------------------------------------------------------------\n\nDid you know that a change in our assessment rating, exploit code\navailability, or if an updated patch is released by the vendor, is\nnot part of this mailing-list?\n\nClick here to learn more:\nhttp://secunia.com/advisories/business_solutions/\n\n----------------------------------------------------------------------\n\nTITLE:\nBarracuda Products Cross-Site Scripting Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA33164\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33164/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nBarracuda Spam Firewall\nhttp://secunia.com/advisories/product/4639/\nBarracuda IM Firewall\nhttp://secunia.com/advisories/product/20790/\nBarracuda Load Balancer\nhttp://secunia.com/advisories/product/20791/\nBarracuda Message Archiver\nhttp://secunia.com/advisories/product/20788/\nBarracuda Web Filter\nhttp://secunia.com/advisories/product/20789/\n\nDESCRIPTION:\nDr. \n\nInput passed to various parameters is not properly sanitised before\nbeing returned to the user. This can be exploited to execute\narbitrary HTML and script code in a user\u0027s browser session in context\nof an affected site. \n\nSOLUTION:\nUpdate to the latest version. Marian Ventuneac, Data Communications Security Laboratory,\nUniversity of Limerick\n\nORIGINAL ADVISORY:\nBarracuda Networks:\nhttp://www.barracudanetworks.com/ns/support/tech_alert.php\n\nDr. Marian Ventuneac:\nhttp://dcsl.ul.ie/advisories/02.htm\nhttp://dcsl.ul.ie/advisories/03.htm\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "PACKETSTORM",
"id": "73049"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31096",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0971",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "33164",
"trust": 2.7
},
{
"db": "OSVDB",
"id": "50709",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1021454",
"trust": 2.6
},
{
"db": "SREASON",
"id": "4792",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20081216 CVE-2008-0971 - BARRACUDA NETWORKS PRODUCTS MULTIPLE CROSS-SITE SCRIPTING VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369",
"trust": 0.6
},
{
"db": "BID",
"id": "32867",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "73065",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31096",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2008-0971",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73049",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"id": "VAR-200812-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T23:10:16.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Resolved input field validation and HTML encoding issues in select Barracuda Networks products",
"trust": 0.8,
"url": "http://www.barracudanetworks.com/ns/support/tech_alert.php"
},
{
"title": "OWASP",
"trust": 0.1,
"url": "https://github.com/Ksaivinay0708/OWASP "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://securitytracker.com/id?1021454"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/33164"
},
{
"trust": 2.2,
"url": "http://www.barracudanetworks.com/ns/support/tech_alert.php"
},
{
"trust": 2.2,
"url": "http://dcsl.ul.ie/advisories/03.htm"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/50709"
},
{
"trust": 1.8,
"url": "http://securityreason.com/securityalert/4792"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/499294/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0971"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0971"
},
{
"trust": 0.8,
"url": "http://osvdb.org/50709"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/499294/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://dcsl.ul.ie/advisories/02.htm"
},
{
"trust": 0.3,
"url": "http://www.barracudanetworks.com/ns/?l=en_ca"
},
{
"trust": 0.3,
"url": "/archive/1/499294"
},
{
"trust": 0.3,
"url": "/archive/1/499293"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=17307"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/33164/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4639/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20791/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20788/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20789/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20790/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31096"
},
{
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"db": "BID",
"id": "32867"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-31096"
},
{
"date": "2008-12-19T00:00:00",
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"date": "2008-12-16T00:00:00",
"db": "BID",
"id": "32867"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"date": "2008-12-16T12:16:02",
"db": "PACKETSTORM",
"id": "73049"
},
{
"date": "2008-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"date": "2008-12-19T17:30:00.267000",
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-31096"
},
{
"date": "2018-10-15T00:00:00",
"db": "VULMON",
"id": "CVE-2008-0971"
},
{
"date": "2008-12-19T18:42:00",
"db": "BID",
"id": "32867"
},
{
"date": "2011-06-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002511"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200812-369"
},
{
"date": "2024-11-21T00:43:20.600000",
"db": "NVD",
"id": "CVE-2008-0971"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Barracuda Product index.cgi Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002511"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "73049"
},
{
"db": "CNNVD",
"id": "CNNVD-200812-369"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…