File: 2305.txt

package info (click to toggle)
snort 2.7.0-20.4
  • links: PTS
  • area: main
  • in suites: lenny
  • size: 34,512 kB
  • ctags: 18,772
  • sloc: ansic: 115,404; sh: 10,893; makefile: 1,372; perl: 487; sql: 213
file content (64 lines) | stat: -rw-r--r-- 1,247 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Rule:

--
Sid:
2305

--
Summary:
This event is generated when an attempt is made to access the script
chatbox.php on a web server running a PHP application.

--
Impact:
Denial of Service (DoS).

--
Detailed Information:
This event is generated when an attempt is made to access the script
chatbox.php on a web server. This application does not perform stringent 
checks when validating data supplied by the user in the Name field of
the script. HTML or script code supplied via that field may cause a
Denial of Service condition to occur.

--
Affected Systems:
	All systems running E107 versions 0.545 and 0.603, other versions may
	also be affected

--
Attack Scenarios:
The attacker could supply some offending HTML code into the name field
and cause the DoS.

--
Ease of Attack:
Simple.

Proof of concept exists, in the name field enter:

<script type=javascript>alert('foo')</script>

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Ensure the system is using an up to date version of the software and has
had all vendor supplied patches applied.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

--