Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1243

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1243
Last Modified 05 Sep 2008 05:37:13
Published 10 Mar 2008 01:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1243

Summary

Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.

Vulnerable Systems


References

BUGTRAQ - 20080301 The Router Hacking Challenge is Over!

MISC - http://www.gnucitizen.org/projects/router-hacking-challenge/

MISC - http://code.bulix.org/koom78-65490

MISC - http://code.bulix.org/cx46qa-65489

XF - linksys-wrt300n-dyndnsdomain-xss(41121)


Last Updated: 27 May 2016 10:47:05