var-200901-0123
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Connectra NGX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Connectra NGX R62 HFA_01, Hotfix 601, Builds 006 and 014 are vulnerable; other versions may also be affected. ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: Checkpoint Connectra NGX "dir" Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA31553
VERIFY ADVISORY: http://secunia.com/advisories/31553/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
OPERATING SYSTEM: Check Point Connectra Appliances http://secunia.com/advisories/product/13352/
DESCRIPTION: Sarid Harper has reported a vulnerability in Checkpoint Connectra NGX, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the "dir" parameter in index.php is not properly sanitised before being returned to the user.
SOLUTION: Filter malicious characters and character sequences in a proxy.
PROVIDED AND/OR DISCOVERED BY: Sarid Harper
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0123",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "connectra ngx",
"scope": "eq",
"trust": 1.6,
"vendor": "checkpoint",
"version": "r62"
},
{
"model": "connectra ngx",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "r62 hfa_01"
},
{
"model": "point software connectra ngx r62",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
},
{
"model": "point software connectra ngx r62 hfa 01 hotfi",
"scope": null,
"trust": 0.3,
"vendor": "check",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "31369"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:checkpoint:connectra_ngx",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sarid Harper",
"sources": [
{
"db": "BID",
"id": "31369"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
}
],
"trust": 0.9
},
"cve": "CVE-2008-5994",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-5994",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-36119",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-5994",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-5994",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-396",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-36119",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in index.php in Check Point Connectra NGX R62 HFA_01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Connectra NGX is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nConnectra NGX R62 HFA_01, Hotfix 601, Builds 006 and 014 are vulnerable; other versions may also be affected. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nCheckpoint Connectra NGX \"dir\" Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA31553\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31553/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nCheck Point Connectra Appliances\nhttp://secunia.com/advisories/product/13352/\n\nDESCRIPTION:\nSarid Harper has reported a vulnerability in Checkpoint Connectra\nNGX, which can be exploited by malicious people to conduct cross-site\nscripting attacks. \n\nInput passed to the \"dir\" parameter in index.php is not properly\nsanitised before being returned to the user. \n\nSOLUTION:\nFilter malicious characters and character sequences in a proxy. \n\nPROVIDED AND/OR DISCOVERED BY:\nSarid Harper\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5994"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "BID",
"id": "31369"
},
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "PACKETSTORM",
"id": "70280"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-5994",
"trust": 2.8
},
{
"db": "BID",
"id": "31369",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "31553",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396",
"trust": 0.7
},
{
"db": "XF",
"id": "45385",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-36119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70280",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "BID",
"id": "31369"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "PACKETSTORM",
"id": "70280"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"id": "VAR-200901-0123",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-36119"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:50:03.450000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/index.jsp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/31369"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31553"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45385"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5994"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5994"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/45385"
},
{
"trust": 0.3,
"url": "http://www.checkpoint.com"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31553/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/13352/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "BID",
"id": "31369"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "PACKETSTORM",
"id": "70280"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-36119"
},
{
"db": "BID",
"id": "31369"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"db": "PACKETSTORM",
"id": "70280"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-36119"
},
{
"date": "2008-09-24T00:00:00",
"db": "BID",
"id": "31369"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"date": "2008-09-24T19:14:30",
"db": "PACKETSTORM",
"id": "70280"
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"date": "2009-01-28T15:30:00.407000",
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-36119"
},
{
"date": "2015-05-07T17:23:00",
"db": "BID",
"id": "31369"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001640"
},
{
"date": "2009-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-396"
},
{
"date": "2024-11-21T00:55:23.960000",
"db": "NVD",
"id": "CVE-2008-5994"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Check Point Connectra NGX of index.php Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001640"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "70280"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-396"
}
],
"trust": 0.7
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…