Sign-up

ID

VAR-201001-0738


CVE

CVE-2010-0440


TITLE

Cisco Secure Desktop of +CSCOT+/translation Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2010-001084

DESCRIPTION

Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Versions prior to Cisco Secure Desktop 3.5 are vulnerable. Cisco Secure Desktop (CSD) uses encryption to reduce the risk of cookies, browser history, temporary files, and downloads being left on the system after a remote user logs off or an SSL VPN session times out. Input passed via a POST request to the "/translation" script of the web interface is not properly sanitised before being returned to the user. Cisco ASA 5500 Series Adaptive Security Appliances: Update to version 8.2(1), 8.1(2.7), or 8.0(5) PROVIDED AND/OR DISCOVERED BY: Matias Pablo Brutti, Core Security Technologies ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=19843 Core Security Technologies: http://www.coresecurity.com/content/cisco-secure-desktop-xss ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2010-0440 // JVNDB: JVNDB-2010-001084 // BID: 37960 // VULHUB: VHN-43045 // PACKETSTORM: 85865

AFFECTED PRODUCTS

vendor:ciscomodel:secure desktopscope:ltversion:3.5

Trust: 1.8

vendor:ciscomodel:secure desktopscope:eqversion:3.4.2048

Trust: 1.1

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:8.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:8.2\(1\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:8.1\(2.7\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:8.0\(5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:8.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:8.0

Trust: 1.0

vendor:ciscomodel:secure desktopscope:eqversion:3.1.1

Trust: 0.9

vendor:ciscomodel:secure desktopscope:eqversion:3.1.1.33

Trust: 0.9

vendor:ciscomodel:secure desktopscope:eqversion:3.1

Trust: 0.9

vendor:ciscomodel:adaptive security appliancescope:ltversion:8.0(5)

Trust: 0.8

vendor:ciscomodel:adaptive security appliancescope:ltversion:8.1(2.7)

Trust: 0.8

vendor:ciscomodel:adaptive security appliancescope:ltversion:8.2(1)

Trust: 0.8

vendor:ciscomodel:secure desktopscope:eqversion:3.4

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.4.2

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.3

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.2.1

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.1.1.27

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.4.1

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.2

Trust: 0.6

vendor:ciscomodel:secure desktopscope:eqversion:3.1.1.45

Trust: 0.3

vendor:ciscomodel:secure desktopscope:neversion:3.5.841

Trust: 0.3

sources: BID: 37960 // JVNDB: JVNDB-2010-001084 // CNNVD: CNNVD-201002-022 // NVD: CVE-2010-0440

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-0440
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-0440
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201002-022
value: MEDIUM

Trust: 0.6

VULHUB: VHN-43045
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-0440
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-43045
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-43045 // JVNDB: JVNDB-2010-001084 // CNNVD: CNNVD-201002-022 // NVD: CVE-2010-0440

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-43045 // JVNDB: JVNDB-2010-001084 // NVD: CVE-2010-0440

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201002-022

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 85865 // CNNVD: CNNVD-201002-022

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-001084

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-43045

PATCH
title:19843url:http://tools.cisco.com/security/center/viewAlert.x?alertId=19843
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-001084

EXTERNAL IDS
db:BIDid:37960
Trust: 2.8
db:NVDid:CVE-2010-0440
Trust: 2.8
db:SECUNIAid:38397
Trust: 2.6
db:VUPENid:ADV-2010-0273
Trust: 2.5
db:JVNDBid:JVNDB-2010-001084
Trust: 0.8
db:CNNVDid:CNNVD-201002-022
Trust: 0.7
db:BUGTRAQid:20100201 [CORE-2010-0106] CISCO SECURE DESKTOP XSS/JAVASCRIPT INJECTION
Trust: 0.6
db:NSFOCUSid:14441
Trust: 0.6
db:PACKETSTORMid:85827
Trust: 0.1
db:SEEBUGid:SSVID-86775
Trust: 0.1
db:EXPLOIT-DBid:33567
Trust: 0.1
db:VULHUBid:VHN-43045
Trust: 0.1
db:PACKETSTORMid:85865
Trust: 0.1
sources:
            
            
            VULHUB: VHN-43045 // 
            
            
            
            BID: 37960 // 
            
            
            
            JVNDB: JVNDB-2010-001084 // 
            
            
            
            PACKETSTORM: 85865 // 
            
            
            
            CNNVD: CNNVD-201002-022 // 
            
            
            
            NVD: CVE-2010-0440

REFERENCES
url:http://www.securityfocus.com/bid/37960
Trust: 2.5
url:http://secunia.com/advisories/38397
Trust: 2.5
url:http://www.vupen.com/english/advisories/2010/0273
Trust: 2.5
url:http://tools.cisco.com/security/center/viewalert.x?alertid=19843
Trust: 2.1
url:http://www.coresecurity.com/content/cisco-secure-desktop-xss
Trust: 2.1
url:http://www.securityfocus.com/archive/1/509290/100/0/threaded
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0440
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0440
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/509290/100/0/threaded
Trust: 0.6
url:http://www.nsfocus.net/vulndb/14441
Trust: 0.6
url:http://www.cisco.com
Trust: 0.3
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/blog/71/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/38397/
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-43045 // 
            
            
            
            BID: 37960 // 
            
            
            
            JVNDB: JVNDB-2010-001084 // 
            
            
            
            PACKETSTORM: 85865 // 
            
            
            
            CNNVD: CNNVD-201002-022 // 
            
            
            
            NVD: CVE-2010-0440

CREDITS
Matias Pablo Brutti
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201002-022

SOURCES
db:VULHUBid:VHN-43045
db:BIDid:37960
db:JVNDBid:JVNDB-2010-001084
db:PACKETSTORMid:85865
db:CNNVDid:CNNVD-201002-022
db:NVDid:CVE-2010-0440

LAST UPDATE DATE
2024-11-23T22:59:59.881000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-43045date:2018-11-15T00:00:00
db:BIDid:37960date:2010-01-26T00:00:00
db:JVNDBid:JVNDB-2010-001084date:2010-02-24T00:00:00
db:CNNVDid:CNNVD-201002-022date:2010-02-05T00:00:00
db:NVDid:CVE-2010-0440date:2024-11-21T01:12:13.370

SOURCES RELEASE DATE
db:VULHUBid:VHN-43045date:2010-02-03T00:00:00
db:BIDid:37960date:2010-01-26T00:00:00
db:JVNDBid:JVNDB-2010-001084date:2010-02-24T00:00:00
db:PACKETSTORMid:85865date:2010-02-02T17:26:28
db:CNNVDid:CNNVD-201002-022date:2010-01-26T00:00:00
db:NVDid:CVE-2010-0440date:2010-02-03T18:30:00.813