发布时间 :2002-12-31 00:00:00
修订时间 :2008-09-05 16:32:58

[原文]Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.

[CNNVD]SonicWall SOHO3内容阻止脚本注入漏洞(CNNVD-200212-799)

        SonicWALL SOHO3版本content blocking存在跨站脚本攻击(XSS)漏洞。远程攻击者借助封锁的URL注入任意web脚本。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: PARTIAL [可能会导致系统文件被修改]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: MEDIUM [漏洞利用存在一定的访问条件]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-79 [在Web页面生成时对输入的转义处理不恰当(跨站脚本)]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BID  4755
(UNKNOWN)  XF  sonicwall-soho3-script-injection(9103)

- 漏洞信息

SonicWall SOHO3内容阻止脚本注入漏洞
中危 跨站脚本
2002-12-31 00:00:00 2002-12-31 00:00:00
        SonicWALL SOHO3版本content blocking存在跨站脚本攻击(XSS)漏洞。远程攻击者借助封锁的URL注入任意web脚本。

- 公告与补丁

        The work-arounds described above will resolve the vulnerability until a permanent resolution is developed. Sonicwall is working on a fix for this issue that will be available with the release of the next version of SonicWALL firmware. If you require additional assistance with this vulnerability, please visit SonicWALL's Technical Support site at:

- 漏洞信息 (21453)

SonicWall SOHO3 6.3 Content Blocking Script Injection Vulnerability (EDBID:21453)
multiple remote
2002-05-17 Verified
0 E M
N/A [点击下载]

The Sonicwall SOHO3 is an Internet security appliance that provides firewall security solutions.

Reportedly, a vulnerability exists in the product that allows for a script injection attack to be launched from a malicious user within the internal LAN.

It is possible to configure Sonicwall to block domains from a list of user entered domains. Sonicwall will deny local users access to the websites that have been blocked. A malicious user may be able to inject script code as part of a URL of a blocked domain. Attempts to access blocked domains will be entered into the log files of Sonicwall. An administrator viewing the log files will automatically cause the malicious script code execute.

If the attacker's script code is injected into the logfile then the administrator will not be able to access the log normally. To regain access to the logs the appliance will need to be rebooted. It should be noted that rebooting the appliance will cause the logs to be cleared and will effectively eliminate any indication in the logs of which user initiated the attack.

It is possible for a malicious remote user to exploit this issue by crafting a URL of a known blocked domain that includes script code, and enticing a local user into following the link.<SCRIPT>window.location.href="";</SCRIPT>

The script code will redirect a user to a different site. 		

- 漏洞信息

SonicWALL SOHO3 Content Filter XSS
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

SonicWALL SOHO3 contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate blocked site URIs upon submission to the administrator logs. This could allow a user to create a specially crafted URL that would execute arbitrary code in the administrator's browser when s/he views the log, leading to a loss of integrity.

- 时间线

2002-05-17 Unknow
2002-05-17 Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workarounds: 1. Unselect "Blocked Web Sites" from the "Log->Log Settings" tab. Selected sites will continue to be blocked, but no logs will be generated. 2. Disabled Active Scripting in your web browser.

- 相关参考

- 漏洞作者