ID

VAR-200903-0100


CVE

CVE-2008-6465


TITLE

Parallels H-Sphere of webshell4 Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2009-004208

DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters. H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. H-Sphere 3.0.0 Patch 9 and 3.1 Patch 1 are vulnerable; other versions may also be affected.

----------------------------------------------------------------------
TITLE: H-Sphere webshell4 "login.php" Cross-Site Scripting

SECUNIA ADVISORY ID: SA31830

VERIFY ADVISORY: http://secunia.com/advisories/31830/

CRITICAL: Less critical

IMPACT: Cross Site Scripting

WHERE: From remote

SOFTWARE: H-Sphere 3.x http://secunia.com/advisories/product/19894/

DESCRIPTION: t0fx has reported two vulnerabilities in H-Sphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "err" and "login" parameters in webshell4's login.php script is not properly sanitised before being returned to the user. The vulnerabilities are reported in versions 3.0.0 P9 and 3.1 P1.

SOLUTION: Filter malicious characters and character sequences in a web proxy.

PROVIDED AND/OR DISCOVERED BY: t0fx. Additional information from Peter M. Abraham.

ORIGINAL ADVISORY: http://www.xssing.com/index.php?x=3&y=65
----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-6465 // JVNDB: JVNDB-2009-004208 // BID: 31256 // VULMON: CVE-2008-6465 // PACKETSTORM: 70138

AFFECTED PRODUCTS

vendor: parallels / model: h-sphere / scope: eq / version: 3.1

Trust: 1.6

vendor: parallels / model: h-sphere / scope: eq / version: 3.0.0

Trust: 1.6

vendor: parallels / model: h-sphere / scope: eq / version: 3.0.0 p9 and 3.1 p1

Trust: 0.8

vendor: parallels / model: h-sphere patch / scope: eq / version: 3.11

Trust: 0.3

vendor: parallels / model: h-sphere patch / scope: eq / version: 3.09

Trust: 0.3

sources: BID: 31256 // JVNDB: JVNDB-2009-004208 // CNNVD: CNNVD-200903-251 // NVD: CVE-2008-6465

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-6465
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-6465
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200903-251
value: MEDIUM

Trust: 0.6

VULMON: CVE-2008-6465
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-6465
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2008-6465 // JVNDB: JVNDB-2009-004208 // CNNVD: CNNVD-200903-251 // NVD: CVE-2008-6465

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2009-004208 // NVD: CVE-2008-6465

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200903-251

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 70138 // CNNVD: CNNVD-200903-251

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:parallels:h-sphere"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2009-004208

PATCH

title: H-Sphere / url: http://www.parallels.com/jp/products/hsphere/

Trust: 0.8

title: Kenzer Templates [5170] [DEPRECATED] / url: https://github.com/ARPSyndicate/kenzer-templates

Trust: 0.1

sources: VULMON: CVE-2008-6465 // JVNDB: JVNDB-2009-004208

EXTERNAL IDS

db: NVD / id: CVE-2008-6465

Trust: 2.8

db: BID / id: 31256

Trust: 2.0

db: SECUNIA / id: 31830

Trust: 1.8

db: OSVDB / id: 48232

Trust: 1.7

db: JVNDB / id: JVNDB-2009-004208

Trust: 0.8

db: XF / id: 45254

Trust: 0.6

db: XF / id: 4

Trust: 0.6

db: XF / id: 45252

Trust: 0.6

db: CNNVD / id: CNNVD-200903-251

Trust: 0.6

db: VULMON / id: CVE-2008-6465

Trust: 0.1

db: PACKETSTORM / id: 70138

Trust: 0.1

sources: VULMON: CVE-2008-6465 // BID: 31256 // JVNDB: JVNDB-2009-004208 // PACKETSTORM: 70138 // CNNVD: CNNVD-200903-251 // NVD: CVE-2008-6465

REFERENCES

url:http://www.xssing.com/index.php?x=3&y=65

Trust: 1.8

url:http://secunia.com/advisories/31830

Trust: 1.7

url:http://www.securityfocus.com/bid/31256

Trust: 1.7

url:http://osvdb.org/48232

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45254

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/45252

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6465

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-6465

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/45254

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/45252

Trust: 0.6

url:http://www.parallels.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/79.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/arpsyndicate/kenzer-templates

Trust: 0.1

url:http://secunia.com/advisories/product/19894/

Trust: 0.1

url:http://secunia.com/binary_analysis/sample_analysis/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/31830/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: VULMON: CVE-2008-6465 // BID: 31256 // JVNDB: JVNDB-2009-004208 // PACKETSTORM: 70138 // CNNVD: CNNVD-200903-251 // NVD: CVE-2008-6465

CREDITS

t0fx

Trust: 0.3

sources: BID: 31256

SOURCES

db: VULMON / id: CVE-2008-6465
db: BID / id: 31256
db: JVNDB / id: JVNDB-2009-004208
db: PACKETSTORM / id: 70138
db: CNNVD / id: CNNVD-200903-251
db: NVD / id: CVE-2008-6465

LAST UPDATE DATE

2025-04-10T22:28:50.150000+00:00


SOURCES UPDATE DATE

db: VULMON / id: CVE-2008-6465 / date: 2017-08-17T00:00:00
db: BID / id: 31256 / date: 2015-05-07T17:23:00
db: JVNDB / id: JVNDB-2009-004208 / date: 2012-09-25T00:00:00
db: CNNVD / id: CNNVD-200903-251 / date: 2009-03-13T00:00:00
db: NVD / id: CVE-2008-6465 / date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: VULMON / id: CVE-2008-6465 / date: 2009-03-13T00:00:00
db: BID / id: 31256 / date: 2008-09-19T00:00:00
db: JVNDB / id: JVNDB-2009-004208 / date: 2012-09-25T00:00:00
db: PACKETSTORM / id: 70138 / date: 2008-09-20T18:41:02
db: CNNVD / id: CNNVD-200903-251 / date: 2009-03-13T00:00:00
db: NVD / id: CVE-2008-6465 / date: 2009-03-13T10:30:00.577