Details of VAR-200501-0217

ID

VAR-200501-0217

CVE

CVE-2005-0291

TITLE

Netgear FVS318 LogViewer Cross-site scripting vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200501-252

DESCRIPTION

Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. NetGear FVS318 is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to bypass URI filters and carry out cross-site scripting attacks. The following issues were identified: It is reported that an attacker can bypass URI filters of the device. The URI filter log viewer is reported prone to a cross-site scripting vulnerability. The research report specified that FVS318 devices with firmware 2.4 are vulnerable to these issues. FVS318 and FVS318v2 are shipped with firmware 2.4, however, it is possible that FVS318v3 and other firmware versions are affected as well. This BID will be updated when more information about affected packages is available. Multiple Vulnerabilities in Netgear FVS318 Router ------------------------------------------------------------------------ SUMMARY The <http://www.netgear.com> Netgear FVS318 is "an easy to use, firewall/router designed for home users and small businesses". SecuriNews Research has found 2 vulnerabilities in the router, one allows bypassing the product's content filtering mechanism while the other allows injecting arbitrary HTML and/or JavaScript into the product's log files which can then be used to attack the administrator of the router. DETAILS Content Filtering Bypass: By using HEX encoded characters, it is possible to bypass the URL filter. For example, if the router administrator blocks the phrase ".exe"; a user can encode one or more characters in the URL phrase to bypass the filter. If we encode the 'x' in ".exe", the new phrase ".e%78e" will bypass the filter

Trust: 1.26

sources: NVD: CVE-2005-0291 // BID: 12278 // VULHUB: VHN-11500

AFFECTED PRODUCTS

vendor:	netgear	model:	fvs318	scope:	eq	version:	2.4	Trust: 1.9
vendor:	netgear	model:	fvs318v2	scope:	eq	version:	2.4	Trust: 0.3

sources: BID: 12278 // CNNVD: CNNVD-200501-252 // NVD: CVE-2005-0291

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-0291
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200501-252
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-11500
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-0291
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-11500
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-11500 // CNNVD: CNNVD-200501-252 // NVD: CVE-2005-0291

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0291

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200501-252

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-200501-252

EXTERNAL IDS

db:	NVD	id:	CVE-2005-0291	Trust: 2.0
db:	BID	id:	12278	Trust: 2.0
db:	SECUNIA	id:	13787	Trust: 1.7
db:	SECTRACK	id:	1012913	Trust: 1.7
db:	OSVDB	id:	13012	Trust: 1.7
db:	XF	id:	18921	Trust: 0.6
db:	XF	id:	318	Trust: 0.6
db:	FULLDISC	id:	20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER	Trust: 0.6
db:	BUGTRAQ	id:	20050117 MULTIPLE VULNERABILITIES IN NETGEAR FVS318 ROUTER	Trust: 0.6
db:	CNNVD	id:	CNNVD-200501-252	Trust: 0.6
db:	SEEBUG	id:	SSVID-89399	Trust: 0.1
db:	VULHUB	id:	VHN-11500	Trust: 0.1

sources: VULHUB: VHN-11500 // BID: 12278 // CNNVD: CNNVD-200501-252 // NVD: CVE-2005-0291

REFERENCES

url:	http://www.securityfocus.com/bid/12278	Trust: 1.7
url:	http://lists.grok.org.uk/pipermail/full-disclosure/2005-january/030984.html	Trust: 1.7
url:	http://www.osvdb.org/13012	Trust: 1.7
url:	http://securitytracker.com/id?1012913	Trust: 1.7
url:	http://secunia.com/advisories/13787	Trust: 1.7
url:	http://www.securinews.com/vuln.htm?vulnid=103	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/18921	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=110599727631560&w=2	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/18921	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=110599727631560&w=2	Trust: 0.6
url:	http://www.netgear.com/products/prod_details.asp?prodid=129	Trust: 0.3
url:	/archive/1/387467	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=110599727631560&w=2	Trust: 0.1

sources: VULHUB: VHN-11500 // BID: 12278 // CNNVD: CNNVD-200501-252 // NVD: CVE-2005-0291

CREDITS

Paul Kurczaba※ pkurczaba@att.net

Trust: 0.6

sources: CNNVD: CNNVD-200501-252

SOURCES

db:	VULHUB	id:	VHN-11500
db:	BID	id:	12278
db:	CNNVD	id:	CNNVD-200501-252
db:	NVD	id:	CVE-2005-0291

LAST UPDATE DATE

2024-08-14T13:08:50.701000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-11500	date:	2017-07-11T00:00:00
db:	BID	id:	12278	date:	2009-07-12T10:06:00
db:	CNNVD	id:	CNNVD-200501-252	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-0291	date:	2017-07-11T01:32:12.063

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-11500	date:	2005-01-17T00:00:00
db:	BID	id:	12278	date:	2005-01-17T00:00:00
db:	CNNVD	id:	CNNVD-200501-252	date:	2005-01-17T00:00:00
db:	NVD	id:	CVE-2005-0291	date:	2005-01-17T05:00:00