CVE-2001-1202
CVSS7.5
发布时间 :2001-12-28 00:00:00
修订时间 :2016-10-17 22:14:15
NMCOES    

[原文]Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.


[CNNVD]DeleGate跨站脚本漏洞(CNNVD-200112-143)

        DeleGate 7.7.0和7.7.1版本存在跨站脚本漏洞。该软件不引用带有"403 Forbidden"错误页面的脚本命令,远程攻击者借助产生错误的URL执行其他客户端的任意Javascript。

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:delegate:delegate:7.8.1
cpe:/a:delegate:delegate:7.7.1
cpe:/a:delegate:delegate:7.8.0
cpe:/a:delegate:delegate:7.7.0

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1202
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1202
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200112-143
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=100956050432351&w=2
(UNKNOWN)  BUGTRAQ  20011228 DeleGate Cross Site Scripting Vulnerability
http://www.iss.net/security_center/static/7745.php
(VENDOR_ADVISORY)  XF  delegate-proxy-css(7745)
http://www.securityfocus.com/bid/3749
(UNKNOWN)  BID  3749

- 漏洞信息

DeleGate跨站脚本漏洞
高危 跨站脚本
2001-12-28 00:00:00 2005-10-20 00:00:00
远程  
        DeleGate 7.7.0和7.7.1版本存在跨站脚本漏洞。该软件不引用带有"403 Forbidden"错误页面的脚本命令,远程攻击者借助产生错误的URL执行其他客户端的任意Javascript。

- 公告与补丁

        The vendor has released an upgrade which addresses this issue.
        DeleGate DeleGate 7.7 .0
        
        DeleGate DeleGate 7.7.1
        

- 漏洞信息 (21193)

DeleGate 7.7.1 Cross-Site Scripting Vulnerability (EDBID:21193)
multiple remote
2001-12-28 Verified
0 SNS Research
N/A [点击下载]
source: http://www.securityfocus.com/bid/3749/info

DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocols(HTTP, FTP, NNTP, POP, Telnet, etc.) between client and server.

DeleGate is prone to cross-site scripting attacks. HTML tags are not filtered from links to error pages. As a result, it is possible for an attacker to insert malicious script code into a link to a site running DeleGate. When a web user clicks the link an error page will be displayed and the script code will be executed on the web user in the context of the site running DeleGate.

Such an attack may be used to steal a legitimate user's cookie-based authentication credentials. 

http://IP_Address_of_DeleGate/<script>alert("aaa");</script> 		

- 漏洞信息

6311
DeleGate Error Page XSS
Remote / Network Access Input Manipulation
Loss of Integrity Upgrade
Exploit Public Third-party Verified

- 漏洞描述

DeleGate contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate scripting commands within a "403 Forbidden" error page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- 时间线

2001-12-28 2001-12-26
2001-12-28 Unknow

- 解决方案

Upgrade to version 7.8.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

DeleGate Cross-Site Scripting Vulnerability
Input Validation Error 3749
Yes No
2001-12-28 12:00:00 2009-07-11 09:06:00
This vulnerability was publicized in a SNS Advisory on December 28th, 2001.

- 受影响的程序版本

DeleGate DeleGate 7.7.1
- FreeBSD FreeBSD 5.0
- HP HP-UX 11.20
- IBM AIX 4.3.3
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 3.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
DeleGate DeleGate 7.7 .0
- FreeBSD FreeBSD 5.0
- HP HP-UX 11.20
- IBM AIX 4.3.3
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 3.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6
DeleGate DeleGate 7.8 .0
- FreeBSD FreeBSD 5.0
- HP HP-UX 11.20
- IBM AIX 4.3.3
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 3.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6

- 不受影响的程序版本

DeleGate DeleGate 7.8 .0
- FreeBSD FreeBSD 5.0
- HP HP-UX 11.20
- IBM AIX 4.3.3
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT 4.0 SP6a
- Microsoft Windows NT 4.0 SP5
- Microsoft Windows NT 4.0 SP4
- Microsoft Windows NT 4.0 SP3
- Microsoft Windows NT 4.0 SP2
- Microsoft Windows NT 4.0 SP1
- Microsoft Windows NT 4.0
- OpenBSD OpenBSD 2.9
- OpenBSD OpenBSD 3.0
- Sun Solaris 8_sparc
- Sun Solaris 7.0
- Sun Solaris 2.6

- 漏洞讨论

DeleGate is a proxy server which runs on Linux , Unix, Microsoft Windows and OS/2 platforms. It is capable of translating a number of protocols(HTTP, FTP, NNTP, POP, Telnet, etc.) between client and server.

DeleGate is prone to cross-site scripting attacks. HTML tags are not filtered from links to error pages. As a result, it is possible for an attacker to insert malicious script code into a link to a site running DeleGate. When a web user clicks the link an error page will be displayed and the script code will be executed on the web user in the context of the site running DeleGate.

Such an attack may be used to steal a legitimate user's cookie-based authentication credentials.

- 漏洞利用

The following example was submitted in the SNS Advisory:

http://IP_Address_of_DeleGate/&lt;script&gt;alert("aaa");&lt;/script&gt;

- 解决方案

The vendor has released an upgrade which addresses this issue.


DeleGate DeleGate 7.7 .0

DeleGate DeleGate 7.7.1

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站