Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:3062 |
Message | WEB-CGI NetScreen SA 5000 delhomepage.cgi access |
Summary | This event is generated when an attempt is made to access the delhomepage.cgi script which contains known vulnerabilities and is resident on Netscreen SA 5000 devices. |
Impact | Information gathering and possible cross site scripting attack. |
Detailed Information | This event is generated when an attempt is made to access the delhomepage.cgi script which is known to be vulnerable to a cross site scripting attack |
Affected Systems | Netscreen SA 5000 |
Attack Scenarios | An attacker can supply code of their choosing to a client system by using the cgi script as part of a cross site scripting attack. |
Ease of Attack | Simple. No exploit software required. |
Corrective Action | Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied. |
Additional References | |
Rule References | bugtraq: 9791 cve: 2004-0347 |
--
DID:749447
--
http://www.aanval.com/