Cisco VPN3K/ASA WebVPN Clientless Mode Cross-Site Scripting Vulnerability

Bugtraq ID: 18419
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jun 14 2006 12:00AM
Updated: Jan 26 2007 04:09PM
Credit: Discovery is credited to Michal Zalewski.
Vulnerable: Cisco VPN 3000 Concentrator 4.7.1 F
Cisco VPN 3000 Concentrator 4.7.1
Cisco VPN 3000 Concentrator 4.7
Cisco VPN 3000 Concentrator 4.1.5 .B
Cisco VPN 3000 Concentrator 4.1 .x
Cisco VPN 3000 Concentrator 4.0.5 .B
Cisco VPN 3000 Concentrator 4.0.1
Cisco VPN 3000 Concentrator 4.0 .x
Cisco VPN 3000 Concentrator 4.0
Cisco VPN 3000 Concentrator 3.6.7 D
Cisco VPN 3000 Concentrator 3.6.7
Cisco VPN 3000 Concentrator 3.6.1
Cisco VPN 3000 Concentrator 3.6
Cisco VPN 3000 Concentrator 3.5.5
Cisco VPN 3000 Concentrator 3.5.4
Cisco VPN 3000 Concentrator 3.5.3
Cisco VPN 3000 Concentrator 3.5.2
Cisco VPN 3000 Concentrator 3.5.1
Cisco VPN 3000 Concentrator 3.5 (Rel)
Cisco VPN 3000 Concentrator 3.1.4
Cisco VPN 3000 Concentrator 3.1.2
Cisco VPN 3000 Concentrator 3.1.1
Cisco VPN 3000 Concentrator 3.1 (Rel)
Cisco VPN 3000 Concentrator 3.1
Cisco VPN 3000 Concentrator 3.0.4
Cisco VPN 3000 Concentrator 3.0.3 (B)
Cisco VPN 3000 Concentrator 3.0.3 (A)
Cisco VPN 3000 Concentrator 3.0
Cisco VPN 3000 Concentrator 3.0
Cisco VPN 3000 Concentrator 2.5.2 (F)
Cisco VPN 3000 Concentrator 2.5.2 (D)
Cisco VPN 3000 Concentrator 2.5.2 (C)
Cisco VPN 3000 Concentrator 2.5.2 (B)
Cisco VPN 3000 Concentrator 2.5.2 (A)
Cisco VPN 3000 Concentrator 2.0
Cisco VPN 3000 Concentrator 4.1.7.B
Cisco VPN 3000 Concentrator 4.1.7.A
Cisco ASA 5500 Series Adaptive Security Appliance 7.0.4 .3
Cisco ASA 5500 Series Adaptive Security Appliance 7.0.4
Cisco ASA 5500 Series Adaptive Security Appliance 7.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus