Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 2.6
CVE Id: CVE-2005-3921
Last Modified: 07 Mar 2011 09:27:23
Published: 30 Nov 2005 06:03:00
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE

CVE-2005-3921

Summary

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers.

Vulnerable Systems

Operating System

  • Cisco IOS 12.3
  • Cisco IOS 12.3(10)
  • Cisco IOS 12.3(10c)
  • Cisco IOS 12.3(10d)
  • Cisco IOS 12.3(10e)
  • Cisco IOS 12.3(11)
  • Cisco IOS 12.3(11)t
  • Cisco IOS 12.3(11)t4
  • Cisco IOS 12.3(11)t5
  • Cisco IOS 12.3(11)t6
  • Cisco IOS 12.3(11)t8
  • Cisco IOS 12.3(11)t9
  • Cisco IOS 12.3(11)xl
  • Cisco IOS 12.3(11)xl3
  • Cisco IOS 12.3(11)yf
  • Cisco IOS 12.3(11)yf2
  • Cisco IOS 12.3(11)yf3
  • Cisco IOS 12.3(11)yf4
  • Cisco IOS 12.3(11)yj
  • Cisco IOS 12.3(11)yk
  • Cisco IOS 12.3(11)yk1
  • Cisco IOS 12.3(11)yk2
  • Cisco IOS 12.3(11)yl
  • Cisco IOS 12.3(11)yn
  • Cisco IOS 12.3(11)yr
  • Cisco IOS 12.3(11)ys
  • Cisco IOS 12.3(11)ys1
  • Cisco IOS 12.3(11)yw
  • Cisco IOS 12.3(12)
  • Cisco IOS 12.3(12b)
  • Cisco IOS 12.3(12e)
  • Cisco IOS 12.3(13)
  • Cisco IOS 12.3(13a)
  • Cisco IOS 12.3(13a)bc
  • Cisco IOS 12.3(13a)bc1
  • Cisco IOS 12.3(13b)
  • Cisco IOS 12.3(14)t
  • Cisco IOS 12.3(14)t2
  • Cisco IOS 12.3(14)t4
  • Cisco IOS 12.3(14)t5
  • Cisco IOS 12.3(14)ym4
  • Cisco IOS 12.3(14)yq
  • Cisco IOS 12.3(14)yq1
  • Cisco IOS 12.3(14)yq3
  • Cisco IOS 12.3(14)yq4
  • Cisco IOS 12.3(14)yt
  • Cisco IOS 12.3(14)yt1
  • Cisco IOS 12.3(14)yu
  • Cisco IOS 12.3(14)yu1
  • Cisco IOS 12.3(15)
  • Cisco IOS 12.3(15b)
  • Cisco IOS 12.3(16)
  • Cisco IOS 12.3(1a)
  • Cisco IOS 12.3(2)ja
  • Cisco IOS 12.3(2)ja5
  • Cisco IOS 12.3(2)jk
  • Cisco IOS 12.3(2)jk1
  • Cisco IOS 12.3(2)t3
  • Cisco IOS 12.3(2)t8
  • Cisco IOS 12.3(2)xa4
  • Cisco IOS 12.3(2)xa5
  • Cisco IOS 12.3(2)xc1
  • Cisco IOS 12.3(2)xc2
  • Cisco IOS 12.3(2)xc3
  • Cisco IOS 12.3(2)xc4
  • Cisco IOS 12.3(2)xe3
  • Cisco IOS 12.3(2)xe4
  • Cisco IOS 12.3(3e)
  • Cisco IOS 12.3(3h)
  • Cisco IOS 12.3(3i)
  • Cisco IOS 12.3(4)eo1
  • Cisco IOS 12.3(4)ja
  • Cisco IOS 12.3(4)ja1
  • Cisco IOS 12.3(4)t
  • Cisco IOS 12.3(4)t1
  • Cisco IOS 12.3(4)t2
  • Cisco IOS 12.3(4)t3
  • Cisco IOS 12.3(4)t4
  • Cisco IOS 12.3(4)t8
  • Cisco IOS 12.3(4)tpc11a
  • Cisco IOS 12.3(4)xd
  • Cisco IOS 12.3(4)xd1
  • Cisco IOS 12.3(4)xd2
  • Cisco IOS 12.3(4)xe4
  • Cisco IOS 12.3(4)xg1
  • Cisco IOS 12.3(4)xg2
  • Cisco IOS 12.3(4)xg4
  • Cisco IOS 12.3(4)xg5
  • Cisco IOS 12.3(4)xh
  • Cisco IOS 12.3(4)xk
  • Cisco IOS 12.3(4)xk1
  • Cisco IOS 12.3(4)xk3
  • Cisco IOS 12.3(4)xk4
  • Cisco IOS 12.3(4)xq
  • Cisco IOS 12.3(4)xq1
  • Cisco IOS 12.3(5)
  • Cisco IOS 12.3(5)b1
  • Cisco IOS 12.3(5a)
  • Cisco IOS 12.3(5a)b
  • Cisco IOS 12.3(5a)b2
  • Cisco IOS 12.3(5a)b5
  • Cisco IOS 12.3(5b)
  • Cisco IOS 12.3(5c)
  • Cisco IOS 12.3(5e)
  • Cisco IOS 12.3(5f)
  • Cisco IOS 12.3(6)
  • Cisco IOS 12.3(6a)
  • Cisco IOS 12.3(6d)
  • Cisco IOS 12.3(6e)
  • Cisco IOS 12.3(6f)
  • Cisco IOS 12.3(7)ja
  • Cisco IOS 12.3(7)ja1
  • Cisco IOS 12.3(7)jx
  • Cisco IOS 12.3(7)t
  • Cisco IOS 12.3(7)t10
  • Cisco IOS 12.3(7)t12
  • Cisco IOS 12.3(7)t4
  • Cisco IOS 12.3(7)t8
  • Cisco IOS 12.3(7)t9
  • Cisco IOS 12.3(7)xi3
  • Cisco IOS 12.3(7)xi4
  • Cisco IOS 12.3(7)xi7
  • Cisco IOS 12.3(7)xr3
  • Cisco IOS 12.3(7)xr4
  • Cisco IOS 12.3(7)xr6
  • Cisco IOS 12.3(7.7)
  • Cisco IOS 12.3(8)t11
  • Cisco IOS 12.3(8)t4
  • Cisco IOS 12.3(8)t7
  • Cisco IOS 12.3(8)t8
  • Cisco IOS 12.3(8)t9
  • Cisco IOS 12.3(8)xu2
  • Cisco IOS 12.3(8)xy4
  • Cisco IOS 12.3(8)xy5
  • Cisco IOS 12.3(8)xy6
  • Cisco IOS 12.3(8)ya1
  • Cisco IOS 12.3(8)yd
  • Cisco IOS 12.3(8)yf
  • Cisco IOS 12.3(8)yg
  • Cisco IOS 12.3(8)yg1
  • Cisco IOS 12.3(8)yg2
  • Cisco IOS 12.3(8)yg3
  • Cisco IOS 12.3(8)yh
  • Cisco IOS 12.3(8)yi
  • Cisco IOS 12.3(8)yi1
  • Cisco IOS 12.3(8)yi3
  • Cisco IOS 12.3(9)
  • Cisco IOS 12.3(9a)bc
  • Cisco IOS 12.3(9a)bc2
  • Cisco IOS 12.3(9a)bc6
  • Cisco IOS 12.3(9a)bc7
  • Cisco IOS 12.3(9d)
  • Cisco IOS 12.3(9e)
  • Cisco IOS 12.3b
  • Cisco IOS 12.3bc
  • Cisco IOS 12.3bw
  • Cisco IOS 12.3ja
  • Cisco IOS 12.3jk
  • Cisco IOS 12.3jx
  • Cisco IOS 12.3t
  • Cisco IOS 12.3tpc
  • Cisco IOS 12.3xa
  • Cisco IOS 12.3xb
  • Cisco IOS 12.3xc
  • Cisco IOS 12.3xd
  • Cisco IOS 12.3xe
  • Cisco IOS 12.3xf
  • Cisco IOS 12.3xg
  • Cisco IOS 12.3xh
  • Cisco IOS 12.3xi
  • Cisco IOS 12.3xj
  • Cisco IOS 12.3xk
  • Cisco IOS 12.3xl
  • Cisco IOS 12.3xm
  • Cisco IOS 12.3xn
  • Cisco IOS 12.3xq
  • Cisco IOS 12.3xr
  • Cisco IOS 12.3xs
  • Cisco IOS 12.3xt
  • Cisco IOS 12.3xu
  • Cisco IOS 12.3xv
  • Cisco IOS 12.3xw
  • Cisco IOS 12.3xx
  • Cisco IOS 12.3xy
  • Cisco IOS 12.3xz
  • Cisco IOS 12.3ya
  • Cisco IOS 12.3yb
  • Cisco IOS 12.3yc
  • Cisco IOS 12.3yd
  • Cisco IOS 12.3ye
  • Cisco IOS 12.3yf
  • Cisco IOS 12.3yg
  • Cisco IOS 12.3yh
  • Cisco IOS 12.3yi
  • Cisco IOS 12.3yj
  • Cisco IOS 12.3yk
  • Cisco IOS 12.3yl
  • Cisco IOS 12.3ym
  • Cisco IOS 12.3yn
  • Cisco IOS 12.3yq
  • Cisco IOS 12.3yr
  • Cisco IOS 12.3ys
  • Cisco IOS 12.3yt
  • Cisco IOS 12.3yu
  • Cisco IOS 12.3yw
  • Cisco IOS 12.3yx
  • Cisco IOS 12.4
  • Cisco IOS 12.4(1)
  • Cisco IOS 12.4(1b)
  • Cisco IOS 12.4(1c)
  • Cisco IOS 12.4(2)mr
  • Cisco IOS 12.4(2)mr1
  • Cisco IOS 12.4(2)t
  • Cisco IOS 12.4(2)t1
  • Cisco IOS 12.4(2)t2
  • Cisco IOS 12.4(2)xa
  • Cisco IOS 12.4(2)xb
  • Cisco IOS 12.4(3a)
  • Cisco IOS 12.4(3b)
  • Cisco IOS 12.4(4)t
  • Cisco IOS 12.4(5)
  • Cisco IOS 12.4mr
  • Cisco IOS 12.4t
  • Cisco IOS 12.4xa
  • Cisco IOS 12.4xb


References

VUPEN - ADV-2005-2657

BID - 16291

BID - 15602

BUGTRAQ - 20051128 Cisco IOS HTTP Server code injection/execution vulnerability

MISC - http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/cisco/index.html

IDEFENSE - 20060117 Cisco Systems IOS 11 Web Service CDP Status Page Code Injection Vulnerability

CISCO - 20051201 IOS HTTP Server Command Injection Vulnerability

SECTRACK - 1015275

SECUNIA - 18528

SECUNIA - 17780

SREASON - 227


Last Updated: 27 May 2016 10:41:06