ID

VAR-200805-0357


CVE

CVE-2008-2167


TITLE

ZyXEL ZyWALL 100 Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2008-005777

DESCRIPTION

Cross-site scripting (XSS) vulnerability in ZyXEL ZyWALL 100 allows remote attackers to inject arbitrary web script or HTML via the Referer header, which is not properly handled in a 404 Error page.

ZyWALL 100 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

TITLE: ZyXEL ZyWALL 100 "Referer" Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA30142
VERIFY ADVISORY: http://secunia.com/advisories/30142/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE: From remote
OPERATING SYSTEM: ZyXEL ZyWALL Series http://secunia.com/product/147/
DESCRIPTION: Deniz Cevik has reported a vulnerability in ZyXEL ZyWALL 100, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "Referer" HTTP header to the web management interface is not properly sanitised before being returned to the user.
SOLUTION: Do not browse untrusted websites or follow untrusted links while being logged in to the web management interface.
PROVIDED AND/OR DISCOVERED BY: Deniz Cevik
ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2008-May/062152.html

Trust: 1.98

sources: NVD: CVE-2008-2167 // JVNDB: JVNDB-2008-005777 // BID: 29110 // PACKETSTORM: 66338

AFFECTED PRODUCTS

vendor: zyxel // model: zywall 100 // scope: - // version: -

Trust: 1.4

vendor: zyxel // model: zywall 100 // scope: eq // version: *

Trust: 1.0

vendor: zyxel // model: zywall // scope: eq // version: 100

Trust: 0.3

sources: BID: 29110 // JVNDB: JVNDB-2008-005777 // CNNVD: CNNVD-200805-122 // NVD: CVE-2008-2167

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2167
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-2167
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200805-122
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2008-2167
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2008-005777 // CNNVD: CNNVD-200805-122 // NVD: CVE-2008-2167

PROBLEMTYPE DATA

problemtype: CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2008-005777 // NVD: CVE-2008-2167

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200805-122

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 66338 // CNNVD: CNNVD-200805-122

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-005777

PATCH

title: Top Page // url: http://www.zyxel.com/

Trust: 0.8

sources: JVNDB: JVNDB-2008-005777

EXTERNAL IDS

db: NVD // id: CVE-2008-2167

Trust: 2.7

db: BID // id: 29110

Trust: 1.9

db: SECUNIA // id: 30142

Trust: 1.7

db: SREASON // id: 3869

Trust: 1.6

db: SECTRACK // id: 1020000

Trust: 1.6

db: VUPEN // id: ADV-2008-1501

Trust: 1.6

db: JVNDB // id: JVNDB-2008-005777

Trust: 0.8

db: FULLDISC // id: 20080508 ZYWALL REFERER HEADER XSS VULNERABILITY

Trust: 0.6

db: BUGTRAQ // id: 20080508 ZYWALL REFERER HEADER XSS VULNERABILITY

Trust: 0.6

db: XF // id: 42282

Trust: 0.6

db: CNNVD // id: CNNVD-200805-122

Trust: 0.6

db: PACKETSTORM // id: 66338

Trust: 0.1

sources: BID: 29110 // JVNDB: JVNDB-2008-005777 // PACKETSTORM: 66338 // CNNVD: CNNVD-200805-122 // NVD: CVE-2008-2167

REFERENCES

url:http://lists.grok.org.uk/pipermail/full-disclosure/2008-may/062152.html

Trust: 1.7

url:http://www.securitytracker.com/id?1020000

Trust: 1.6

url:http://www.securityfocus.com/bid/29110

Trust: 1.6

url:http://securityreason.com/securityalert/3869

Trust: 1.6

url:http://secunia.com/advisories/30142

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/42282

Trust: 1.0

url:http://www.vupen.com/english/advisories/2008/1501/references

Trust: 1.0

url:http://www.securityfocus.com/archive/1/491818/100/0/threaded

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2167

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2167

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/42282

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/491818/100/0/threaded

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2008/1501/references

Trust: 0.6

url:http://us.zyxel.com/web/product_family_detail.php?pc1indexflag=20040908175941&categorygroupno=05e0ba6c-ffa2-4cc7-b648-8f0c29cd2b8a

Trust: 0.3

url:/archive/1/491818

Trust: 0.3

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/147/

Trust: 0.1

url:http://secunia.com/network_software_inspector_2/

Trust: 0.1

url:http://secunia.com/advisories/30142/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: BID: 29110 // JVNDB: JVNDB-2008-005777 // PACKETSTORM: 66338 // CNNVD: CNNVD-200805-122 // NVD: CVE-2008-2167

CREDITS

Deniz CEVIK Deniz.Cevik@intellect.com.tr

Trust: 0.6

sources: CNNVD: CNNVD-200805-122

SOURCES

db: BID // id: 29110
db: JVNDB // id: JVNDB-2008-005777
db: PACKETSTORM // id: 66338
db: CNNVD // id: CNNVD-200805-122
db: NVD // id: CVE-2008-2167

LAST UPDATE DATE

2025-04-10T23:03:24.945000+00:00


SOURCES UPDATE DATE

db: BID // id: 29110 // date: 2015-05-07T17:29:00
db: JVNDB // id: JVNDB-2008-005777 // date: 2012-12-20T00:00:00
db: CNNVD // id: CNNVD-200805-122 // date: 2009-01-29T00:00:00
db: NVD // id: CVE-2008-2167 // date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: BID // id: 29110 // date: 2008-05-08T00:00:00
db: JVNDB // id: JVNDB-2008-005777 // date: 2012-12-20T00:00:00
db: PACKETSTORM // id: 66338 // date: 2008-05-15T04:56:37
db: CNNVD // id: CNNVD-200805-122 // date: 2008-05-13T00:00:00
db: NVD // id: CVE-2008-2167 // date: 2008-05-13T20:20:00