Vulnerabilities > CVE-2004-1513 - Unspecified vulnerability in Soft3304 04Webserver 1.42
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN soft3304
nessus
Summary
04WebServer 1.42 does not adequately filter data that is written to log files, which could allow remote attackers to inject carriage return characters into the log file and spoof log entries.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | Web Servers |
| NASL id | 04WEBSERVER.NASL |
| description | The remote host is running a version of 04WebServer which is older than version 1.5. Such versions are affected by multiple vulnerabilities : - A cross-site scripting vulnerability in the Response_default.html script which could allow an attacker to execute arbitrary code in the user |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 15713 |
| published | 2004-11-13 |
| reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/15713 |
| title | 04WebServer Multiple Vulnerabilities (XSS, DoS, more) |
References
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110012542615484&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://marc.info/?l=bugtraq&m=110054395311823&w=2
- http://secunia.com/advisories/13159/
- http://secunia.com/advisories/13159/
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.security.org.sg/vuln/04webserver142.html
- http://www.securityfocus.com/bid/11652
- http://www.securityfocus.com/bid/11652
- http://www.soft3304.net/04WebServer/Security.html
- http://www.soft3304.net/04WebServer/Security.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18034