Plugin ID | 89 |
Plugin name | vHost up to 3.1.0r1 cross site scripting |
Plugin filename | vHost up to 3.1.0r1 cross site scripting.plugin |
Plugin filesize | 3075 bytes |
Plugin family | CGI |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/03/23 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/14 |
Plugin version | 2.0 |
Plugin changelog | Corrected the plugin structure and added the accuracy values in 1.2. Improved the pattern matching and introduced the plugin changelog in 2.0 |
Plugin protocol | tcp |
Plugin port | 80 |
Plugin procedure detection | open|send GET /vhost.php?action=logout&time=1021231234 HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *<!-- vhost * |
Plugin detection accuracy | 90 |
Plugin comment | The version can not be determined correctly at the moment. You have to check the version for yourself or with another vulnerability scanner (e.g. Nessus). The time value is copied from Nessus and may be detected by different intrusion detection systems. |
Bug affected | vHost up to 3.1.0r1 |
Bug not affected | vHost newer than 3.1.0r1 |
Bug vulnerability class | Cross Site Scripting |
Bug description | The remote host is running a version of vHost which is older than 3.1.0r1. There is a cross site scripting vulnerability in this version which may allow an attacker to steal the cookies of the legitimate users of this site. |
Bug solution | Upgrade to the latest version of this software and limit unwanted connections and communications with firewalling. |
Bug fixing time | 1 hour |
Bug exploit availability | Yes |
Bug exploit url | http://www.securityfocus.com/bid/9860/exploit/ |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Medium |
Bug popularity | 6 |
Bug simplicity | 8 |
Bug impact | 7 |
Bug risk | 7 |
Bug Nessus risk | Serious |
Bug check tools | Nessus is able to do the same check more accurate. |
Source SecurityFocus BID | 9860 |
Source Nessus ID | 12094 |
Source Literature | Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 |
Source Misc. | http://www.computec.ch |