Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2564

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2564
Last Modified 05 Sep 2008 04:44:29
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2564

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.

Vulnerable Systems

Application

  • Sambar Server 6.1


References

XF - sambar-show-showperf-xss(16286)

BID - 10444

OSVDB - 6584

OSVDB - 6583

MISC - http://www.oliverkarow.de/research/sambar.txt

SECTRACK - 1010353

SECUNIA - 11748


Last Updated: 27 May 2016 10:39:32