Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:1754 |
Message | WEB-IIS as_web4.exe access |
Summary | This event is generated when an attempt is made to access the as_web4.exe component associated with the askSam Web Publisher software. |
Impact | Cross-site scripting. This may allow execution of arbitrary commands on a victim host that visits the vulnerable server. |
Detailed Information | askSam Web Publisher is a product that allows the creation and publication of documents and databases on the Internet. A vulnerability exists in the as_web.exe or as_web4.exe component that may allow cross-site scripting, because the component fails to filter script and HTML from the error messages it returns. This may allow an attacker to execute arbitrary code on a victim host that visits the vulnerable server. |
Affected Systems | askSam Web Publisher 4.0 |
Attack Scenarios | An attacker can inject malicious code in vulnerable askSam input fields that use as_web.exe or as_web4.exe. This may allow execution of arbitrary code on a victim host that visits the vulnerable server. |
Ease of Attack | Simple. |
Corrective Action | Disable scripting language support in your browser and e-mail client software to prevent becoming a victim host. |
Additional References | Bugtraq http://www.securityfocus.com/bid/4670 |
Rule References | bugtraq: 4670 |
--
DID:699764