Cogent DataHub < 7.3.5 Multiple Vulnerabilities

The remote host is running a version of Cogent DataHub, formerly known as Cascade DataHub and OFC DataHub, that is prior to 7.3.5. It is, therefore, affected by the following vulnerabilities :

• A directory traversal vulnerability exists due improper validation of user-supplied input to the directory specifier. A remote attacker can exploit this to access hard-coded files. (CVE-2014-2352)

• A cross-site scripting vulnerability exists due to improper validation of user-supplied input. An attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user’s browser session. (CVE-2014-2353)

• An overflow condition exists in the web server due to improper validation of user-supplied input when handling a negative content-length field. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-3788)

• A command injection vulnerability exists in the ‘GetPermissions.asp’ active server page in the EvalExpresssion method due to improper sanitization of user-supplied input. A remote attacker can exploit this to execute arbitrary commands in the context of the DataHub process. (CVE-2014-3789)

• Multiple vulnerabilities exist related to the bundled OpenSSL 1.0.0d library.