11 matches found
EUVD-2008-2164
Malware in sbrugna...
ZyWALL 100 HTTP Referer Header - Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29110/info ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
Cross site scripting
Cross-site scripting XSS vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page...
CVE-2008-2167
Cross-site scripting XSS vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page...
CVE-2008-2167
ZyXEL ZyWALL 100 is affected by a cross-site scripting (XSS) vulnerability where a crafted Referer header is not properly handled on the 404 error page, allowing remote attackers to inject arbitrary web script or HTML. The available documents identify the affected product and the vulnerability cl...
CVE-2008-2167
Cross-site scripting XSS vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page...
ZyWALL 100 HTTP Referer头跨站脚本漏
BUGTRAQ ID: 29110 Zywall是一款由Zyxel开发和维护的硬件防火墙。 ZyWALL基于Web的管理接口使用referer头生成404 Error页面。如果远程攻击者用特制的referer头请求了不存在的网页的话,应用程序就无法正确地过滤referer头中的数据,导致跨站脚本攻击,在客户端浏览器中执行脚本代码。 ZyXEL ZyWall 100 ZyXEL ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.zyxel.com/index.php GET /blah.htm HTTP/1.1...
zyxel-xss.txt
Affected Software/Device: Zyxel ZYWall 100 Vulnerability: Cross Site Scripting Risk: Low Description: The ZyWALL 100 is designed to act as a secure gateway via xDSL/Cable modems or broadband routers for small to medium size companies. The ZyWALL 100 features an ICSA certified firewall, IPSec VPN...
ZYWALL Referer Header XSS Vulnerability
Affected Software/Device: Zyxel ZYWall 100 Vulnerability: Cross Site Scripting Risk: Low Description: The ZyWALL 100 is designed to act as a secure gateway via xDSL/Cable modems or broadband routers for small to medium size companies. The ZyWALL 100 features an ICSA certified firewall, IPSec VPN...
ZyWALL 100 HTTP Referer Header - Cross-Site Scripting
ZyWALL 100 HTTP Referer Header - Cross-Site Scripting source: https://www.securityfocus.com/bid/29110/info ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
ZyWALL 100 HTTP Referer Header - Cross-Site Scripting
source: https://www.securityfocus.com/bid/29110/info ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...