Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1006

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2005-1006
Last Modified 05 Sep 2008 04:47:56
Published 02 May 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-1006

Summary

Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.

Vulnerable Systems


References

XF - sonicwall-username-code-execution(19960)

XF - sonicwall-http-get-requests-xss(19958)

BID - 12984

MISC - http://www.oliverkarow.de/research/SonicWall.txt

SECTRACK - 1013638

SECUNIA - 14823

BUGTRAQ - 20050404 SonicWALL SOHO/10 - XSS vulnerability

OSVDB - 15262

OSVDB - 15261


Last Updated: 27 May 2016 10:40:00