Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
BID:9860
Info
Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
| Bugtraq ID: | 9860 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 12 2004 12:00AM |
| Updated: | Mar 12 2004 12:00AM |
| Credit: | The individual responsible for the discovery of this issue is currently unknown. |
| Vulnerable: |
Chaogic Systems vHost 3.0 5r6 Chaogic Systems vHost 3.0 5r5 Chaogic Systems vHost 3.0 5r4 Chaogic Systems vHost 3.0 5r3 Chaogic Systems vHost 3.0 5r2 Chaogic Systems vHost 3.0 5r1 Chaogic Systems vHost 3.0 4r1 Chaogic Systems vHost 3.0 3r1 Chaogic Systems vHost 3.0 2r2 Chaogic Systems vHost 3.0 2r1 Chaogic Systems vHost 3.0 1r1 Chaogic Systems vHost 3.0 0r6 Chaogic Systems vHost 3.0 0r5 Chaogic Systems vHost 3.0 0r4 Chaogic Systems vHost 3.0 0r3 Chaogic Systems vHost 3.0 0r2 Chaogic Systems vHost 3.0 0r1 |
| Not Vulnerable: |
Chaogic Systems vHost 3.1 0r1 |
Discussion
Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
It has been reported that the vHost web based interface is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user input.
The technical details of this issue cannot be currently described due to insufficient details, however this BID will be updated as new information becomes available.
Attackers may exploit this vulnerability to steal authentication credentials. Other attacks may also be possible.
It has been reported that the vHost web based interface is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user input.
The technical details of this issue cannot be currently described due to insufficient details, however this BID will be updated as new information becomes available.
Attackers may exploit this vulnerability to steal authentication credentials. Other attacks may also be possible.
Exploit / POC
Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
Solution:
The vendor has released an upgrade dealing with this issue.
Chaogic Systems vHost 3.0 0r5
Chaogic Systems vHost 3.0 0r2
Chaogic Systems vHost 3.0 5r5
Chaogic Systems vHost 3.0 5r1
Chaogic Systems vHost 3.0 0r1
Chaogic Systems vHost 3.0 0r4
Chaogic Systems vHost 3.0 0r3
Chaogic Systems vHost 3.0 3r1
Chaogic Systems vHost 3.0 2r2
Chaogic Systems vHost 3.0 2r1
Chaogic Systems vHost 3.0 0r6
Chaogic Systems vHost 3.0 4r1
Chaogic Systems vHost 3.0 5r4
Chaogic Systems vHost 3.0 5r6
Chaogic Systems vHost 3.0 5r3
Chaogic Systems vHost 3.0 5r2
Chaogic Systems vHost 3.0 1r1
Solution:
The vendor has released an upgrade dealing with this issue.
Chaogic Systems vHost 3.0 0r5
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 0r2
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r5
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 0r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 0r4
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 0r3
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 3r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 2r2
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 2r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 0r6
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 4r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r4
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r6
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r3
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 5r2
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
Chaogic Systems vHost 3.0 1r1
-
Chaogic Systems vhost-3.10r1.tar.gz
ftp://ftp.chaogic.com/pub/vhost-3.10r1.tar.gz
References
Chaogic Systems VHost Unspecified Cross-Site Scripting Vulnerability
References:
References:
- Changelog (Chaogic Systems)
- vHost Home Page (Chaogic Systems)