Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 4.3
CVE Id: CVE-2012-6339
Last Modified: 31 Dec 2012 12:00:00
Published: 31 Dec 2012 06:50:28
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2012-6339

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cerberus FTP Server before 5.0.6.0 allow (1) remote attackers to inject arbitrary web script or HTML via a log entry that is not properly handled within the Log Manager component, and might allow (2) remote authenticated administrators to inject arbitrary web script or HTML via a Messages field to the servermanager program.

Vulnerable Systems

Application

  • Cerberusftp Ftp Server 1.0

  • Cerberusftp Ftp Server 1.01

  • Cerberusftp Ftp Server 1.02

  • Cerberusftp Ftp Server 1.03

  • Cerberusftp Ftp Server 1.05

  • Cerberusftp Ftp Server 1.1

  • Cerberusftp Ftp Server 1.2

  • Cerberusftp Ftp Server 1.22

  • Cerberusftp Ftp Server 1.5

  • Cerberusftp Ftp Server 1.6

  • Cerberusftp Ftp Server 1.7

  • Cerberusftp Ftp Server 1.71

  • Cerberusftp Ftp Server 2.0

  • Cerberusftp Ftp Server 2.01

  • Cerberusftp Ftp Server 2.02

  • Cerberusftp Ftp Server 2.1

  • Cerberusftp Ftp Server 2.11

  • Cerberusftp Ftp Server 2.15

  • Cerberusftp Ftp Server 2.16

  • Cerberusftp Ftp Server 2.2

  • Cerberusftp Ftp Server 2.21

  • Cerberusftp Ftp Server 2.22

  • Cerberusftp Ftp Server 2.23

  • Cerberusftp Ftp Server 2.3

  • Cerberusftp Ftp Server 2.31

  • Cerberusftp Ftp Server 2.32

  • Cerberusftp Ftp Server 2.4

  • Cerberusftp Ftp Server 2.41

  • Cerberusftp Ftp Server 2.42

  • Cerberusftp Ftp Server 2.43

  • Cerberusftp Ftp Server 2.44

  • Cerberusftp Ftp Server 2.45

  • Cerberusftp Ftp Server 2.46

  • Cerberusftp Ftp Server 2.47

  • Cerberusftp Ftp Server 2.48

  • Cerberusftp Ftp Server 2.49

  • Cerberusftp Ftp Server 2.50

  • Cerberusftp Ftp Server 3.0

  • Cerberusftp Ftp Server 3.0.1

  • Cerberusftp Ftp Server 3.0.2

  • Cerberusftp Ftp Server 3.0.3

  • Cerberusftp Ftp Server 3.0.4

  • Cerberusftp Ftp Server 3.0.5

  • Cerberusftp Ftp Server 3.0.6

  • Cerberusftp Ftp Server 3.0.7

  • Cerberusftp Ftp Server 3.0.7.1

  • Cerberusftp Ftp Server 3.0.8

  • Cerberusftp Ftp Server 3.1

  • Cerberusftp Ftp Server 3.1.0.3

  • Cerberusftp Ftp Server 3.1.0.4

  • Cerberusftp Ftp Server 3.1.0.5

  • Cerberusftp Ftp Server 3.1.1

  • Cerberusftp Ftp Server 3.1.2

  • Cerberusftp Ftp Server 3.1.3

  • Cerberusftp Ftp Server 3.1.3.1

  • Cerberusftp Ftp Server 3.1.4

  • Cerberusftp Ftp Server 4.0.0

  • Cerberusftp Ftp Server 4.0.0.11

  • Cerberusftp Ftp Server 4.0.0.6

  • Cerberusftp Ftp Server 4.0.0.8

  • Cerberusftp Ftp Server 4.0.0.9

  • Cerberusftp Ftp Server 4.0.1

  • Cerberusftp Ftp Server 4.0.1.1

  • Cerberusftp Ftp Server 4.0.10.0

  • Cerberusftp Ftp Server 4.0.11.0

  • Cerberusftp Ftp Server 4.0.2

  • Cerberusftp Ftp Server 4.0.2.2

  • Cerberusftp Ftp Server 4.0.3.0

  • Cerberusftp Ftp Server 4.0.3.1

  • Cerberusftp Ftp Server 4.0.3.2

  • Cerberusftp Ftp Server 4.0.3.3

  • Cerberusftp Ftp Server 4.0.4.0

  • Cerberusftp Ftp Server 4.0.4.1

  • Cerberusftp Ftp Server 4.0.4.2

  • Cerberusftp Ftp Server 4.0.4.3

  • Cerberusftp Ftp Server 4.0.5

  • Cerberusftp Ftp Server 4.0.5.2

  • Cerberusftp Ftp Server 4.0.5.3

  • Cerberusftp Ftp Server 4.0.5.4

  • Cerberusftp Ftp Server 4.0.5.5

  • Cerberusftp Ftp Server 4.0.6

  • Cerberusftp Ftp Server 4.0.7

  • Cerberusftp Ftp Server 4.0.7.2

  • Cerberusftp Ftp Server 4.0.7.3

  • Cerberusftp Ftp Server 4.0.7.5

  • Cerberusftp Ftp Server 4.0.7.6

  • Cerberusftp Ftp Server 4.0.8.0

  • Cerberusftp Ftp Server 4.0.8.1

  • Cerberusftp Ftp Server 4.0.8.3

  • Cerberusftp Ftp Server 4.0.9.0

  • Cerberusftp Ftp Server 4.0.9.1

  • Cerberusftp Ftp Server 4.0.9.2

  • Cerberusftp Ftp Server 4.0.9.3

  • Cerberusftp Ftp Server 4.0.9.4

  • Cerberusftp Ftp Server 4.0.9.5

  • Cerberusftp Ftp Server 4.0.9.6

  • Cerberusftp Ftp Server 4.0.9.7

  • Cerberusftp Ftp Server 4.0.9.8

  • Cerberusftp Ftp Server 5.0.0.0

  • Cerberusftp Ftp Server 5.0.0.1

  • Cerberusftp Ftp Server 5.0.0.2

  • Cerberusftp Ftp Server 5.0.0.3

  • Cerberusftp Ftp Server 5.0.0.4

  • Cerberusftp Ftp Server 5.0.0.5

  • Cerberusftp Ftp Server 5.0.0.6

  • Cerberusftp Ftp Server 5.0.0.7

  • Cerberusftp Ftp Server 5.0.1.0

  • Cerberusftp Ftp Server 5.0.1.1

  • Cerberusftp Ftp Server 5.0.1.2

  • Cerberusftp Ftp Server 5.0.2.0

  • Cerberusftp Ftp Server 5.0.3.0

  • Cerberusftp Ftp Server 5.0.3.1

  • Cerberusftp Ftp Server 5.0.4.0

  • Cerberusftp Ftp Server 5.0.4.1

  • Cerberusftp Ftp Server 5.0.4.2

  • Cerberusftp Ftp Server 5.0.4.3

  • Cerberusftp Ftp Server 5.0.5.0

  • Cerberusftp Ftp Server 5.0.5.1


References

CONFIRM - http://www.cerberusftp.com/products/releasenotes.html

MISC - http://sadgeeksinsnow.blogspot.com/2012/12/persistence-is-key-another-bug-hunt.html

BUGTRAQ - 20121219 Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339]


Last Updated: 27 May 2016 11:01:30