CVE-2002-0238
CVSS7.5
发布时间 :2002-05-29 00:00:00
修订时间 :2016-10-17 22:17:26
NMCOS    

[原文]Cross-site scripting vulnerability in web administration interface for NetGear RT314 and RT311 Gateway Routers allows remote attackers to execute arbitrary script on another client via a URL that contains the script.


[CNNVD]Netgear RT314/RT311 Gateway Router跨站执行脚本漏洞(CNNVD-200205-070)

        
        Netgear's RT314是种四口路由器,适合家庭或者小型办公网使用。
        为了方便用户配置,Netgear RT314 Gateway Router(3.25及其以前版本)上运行着一个
        WEB Server(ZyXEL-RomPager/3.02)。但是这个WEB Server存在跨站执行脚本漏洞,参
        看两年前的CERT CA-2000-02。
        假设攻击者知道路由器内部IP,就可以想法让路由器管理员访问如下URL
        http:///
        其中的脚本经过精心设计,可获取路由器管理员用于身份验证的cookies。
        Netgear RP114 Cable/DSL Web Safe Router不存在这个问题。
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/h:netgear:rt314:3.24NetGear RT314 RT311 Gateway Router Firmware 3.24
cpe:/h:netgear:rt314:3.22NetGear RT314 RT311 Gateway Router Firmware 3.22
cpe:/h:netgear:rt314:3.25NetGear RT314 RT311 Gateway Router Firmware 3.25

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0238
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0238
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200205-070
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=101286360203461&w=2
(UNKNOWN)  BUGTRAQ  20020203 Netgear RT311/RT314
http://www.iss.net/security_center/static/8082.php
(VENDOR_ADVISORY)  XF  netgear-web-interface-css(8082)
http://www.securityfocus.com/bid/4024
(UNKNOWN)  BID  4024

- 漏洞信息

Netgear RT314/RT311 Gateway Router跨站执行脚本漏洞
高危 输入验证
2002-05-29 00:00:00 2005-10-20 00:00:00
远程  
        
        Netgear's RT314是种四口路由器,适合家庭或者小型办公网使用。
        为了方便用户配置,Netgear RT314 Gateway Router(3.25及其以前版本)上运行着一个
        WEB Server(ZyXEL-RomPager/3.02)。但是这个WEB Server存在跨站执行脚本漏洞,参
        看两年前的CERT CA-2000-02。
        假设攻击者知道路由器内部IP,就可以想法让路由器管理员访问如下URL
        http:///
        其中的脚本经过精心设计,可获取路由器管理员用于身份验证的cookies。
        Netgear RP114 Cable/DSL Web Safe Router不存在这个问题。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 禁止设备内置的HTTP、FTP和Telnet服务。然后重启路由器。
        厂商补丁:
        Netgear
        -------
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.netgear.com/

- 漏洞信息

4152
NETGEAR Router URI XSS
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

Netgear RT311,RT314,FR314 and RP114 gateway routers contains a flaw that allows a remote cross site scripting attack. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- 时间线

2002-02-03 Unknow
2002-02-03 Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Disable access to the internal HTTP, FTP and Telnet servers of the device.

- 相关参考

- 漏洞作者

- 漏洞信息

Netgear RT314/RT311 Gateway Router Cross-Site Scripting Vulnerability
Input Validation Error 4024
Yes No
2002-02-03 12:00:00 2009-07-11 09:56:00
This vulnerability was submitted to BugTraq on February 3rd, 2002 by "sq" <sq@cirt.net>.

- 受影响的程序版本

NetGear RT314/RT311 Gateway Router Firmware 3.25
NetGear RT314/RT311 Gateway Router Firmware 3.24
NetGear RT314/RT311 Gateway Router Firmware 3.22

- 漏洞讨论

The Netgear RT314/RT311 Gateway Router models allow Cable/DSL users to share a connection. These products provide a web-based administrative interface.

The affected products run a ZyXel-RomPager web server to provide easy web-based configuration.

The web interface for the router is prone to cross-site scripting attacks. This may be exploited by an attacker who knows the internal IP address of the router. Arbitrary script code may be included in a malicious link, which is executed in the browser of the victim, in the context of the router.

It is possible that an attacker may capitalize on this opportunity to gain unauthorized administrative access to the router. This may occur if the attacker can successfully steal cookie-based authentication credentials from a user who has access to the administrative interface.

It should be noted that there is a distinct possibility that any other router products running the ZyXel-RomPager web server (versions 3.02 or earlier) may also be prone to this issue.

This issue reportedly does not affect the Netgear RP114 Cable/DSL Web Safe Router.

- 漏洞利用

There is no exploit code required.

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站