Short Name | HTTP:XSS:SERVICE-CGI |
---|---|
Severity | Medium |
Recommended | No |
Category | HTTP |
Keywords | Cobalt RAQ 4 Service.cgi Cross-site Script Attack |
Release Date | 2003/04/22 |
Update Number | 1213 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to exploit a known vulnerability in multiple scripts that ship with Cobalt RAQ 4 Server Management. Attackers can use cross-site scripting techniques to trick users into revealing sensitive information; attackers can use this information to further compromise the system.

RaQ is a server appliance originally developed by Cobalt. It is now distributed and maintained by Sun Microsystems. Due to insufficient sanitization of input, it is possible to execute script code on Cobalt RaQ systems. The problem occurs in the filtering of malicious HTML tags when they are passed to the service.cgi and alert.cgi scripts. It has been reported that by passing malicious script code through the search.cgi or alert.cgi scripts, it may be possible to place malicious content on pages hosted by the RaQ server.