Plugin ID | 109 |
Plugin name | SWsoft Plesk login_up.php3 reloaded cross site scripting |
Plugin filename | SWsoft Plesk login_up.php3 reloaded cross site scripting.plugin |
Plugin filesize | 3221 bytes |
Plugin family | CGI |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/08/26 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/14 |
Plugin version | 2.0 |
Plugin changelog | Corrected the plugin structure and added the accuracy values in 1.1. Improved the pattern matching and introduced the plugin changelog in 2.0 |
Plugin protocol | tcp |
Plugin port | 80 |
Plugin procedure detection | open|sleep|close|pattern_exists * |
Plugin detection accuracy | 1 |
Plugin comment | The check is copied from the Nessus plugin. Please check the Nessus plugin ID for more details. |
Bug affected | FreeBSD FTP server |
Bug not affected | Other FTP servers |
Bug vulnerability class | Cross Site Scripting |
Bug description | The remote host is running Plesk Reloaded (from SWsoft), a web based system administration tool. The remote version of this software is vulnerable to a cross-site scripting attack. An attacker can exploit it by compromising the values of the parameter cat_select in login_up.php3. This can be used to take advantage of the trust between a client and server allowing the malicious user to execute malicious JavaScript on the client's machine. |
Bug solution | The solution should be deactivated or de-installed if not necessary. To make it harder to find the web server the daemon could be configured to listen at another port (e.g. 2280). Try to prevent unwanted connection attempts by filtering traffic with firewalling. |
Bug fixing time | 15 minutes |
Bug exploit availability | Yes |
Bug exploit url | http://www.securityfocus.com/bid/11024/exploit/ |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Medium |
Bug popularity | 2 |
Bug simplicity | 9 |
Bug impact | 7 |
Bug risk | 5 |
Bug Nessus risk | Medium |
Bug check tools | Nessus is able to do nearly the same check. See the Nessus ID for more details. |
Source SecurityFocus BID | 11024 |
Source Nessus ID | 14369 |
Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X |
Source Misc. | http://www.computec.ch |