Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4514

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4514
Last Modified 05 Sep 2008 04:57:05
Published 22 Dec 2005 08:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4514

Summary

** DISPUTED ** The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and has asked the researcher for more information, without a response as of 20060103.

Vulnerable Systems

Application

  • Webwasher Csm Appliance Suite 5.0


References

BID - 16047

BUGTRAQ - 20060103 RE: Webwasher CSM Appliance Script Security Restriction Bypass

BUGTRAQ - 20051223 RE: Webwasher CSM Appliance Script Security Restriction Bypass

BUGTRAQ - 20051222 Webwasher CSM Appliance Script Security Restriction Bypass

XF - webwasher-security-bypass(23884)

SREASON - 293


Last Updated: 27 May 2016 10:41:20