Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5742

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2008-5742
Last Modified 29 Jan 2009 02:00:06
Published 26 Dec 2008 03:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-5742

Summary

Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the redirect parameter in a logoff action to modules/auth/index.php or (2) the url parameter to modules/linkmanager/redirect.php. NOTE: this was reported within an "HTTP Response Splitting" section in the original disclosure.

Vulnerable Systems

Application

  • Netcat 1.1

  • Netcat 2.0

  • Netcat 2.1

  • Netcat 2.2

  • Netcat 2.3

  • Netcat 2.4

  • Netcat 3.0

  • Netcat 3.12


References

BID - 32992

MILW0RM - 7560

SREASON - 4819


Last Updated: 27 May 2016 10:48:54