Vulnerabilities > CVE-2005-4574 - Unspecified vulnerability in Paperthin Commonspot Content Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
paperthin
nessus
exploit available
NVD
Published: 2005-12-29
Updated: 2024-11-21

Summary

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the bNewWindow parameter.

Vulnerable Configurations

Part Description Count
Application
Paperthin
5

Exploit-Db

descriptionPaperThin CommonSpot Content Server 4.5 Cross-Site Scripting Vulnerability. CVE-2005-4574. Webapps exploit for cfm platform
idEDB-ID:26986
last seen2016-02-03
modified2005-12-23
published2005-12-23
reporterr0t3d3Vil
sourcehttps://www.exploit-db.com/download/26986/
titlePaperThin CommonSpot Content Server 4.5 - Cross-Site Scripting Vulnerability

Nessus

NASL familyDebian Local Security Checks
NASL idDEBIAN_DSA-1201.NASL
descriptionSeveral remote vulnerabilities have been discovered in the Ethereal network scanner. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4574 It was discovered that the MIME multipart dissector is vulnerable to denial of service caused by an off-by-one overflow. - CVE-2006-4805 It was discovered that the XOT dissector is vulnerable to denial of service caused by memory corruption.
last seen2020-06-01
modified2020-06-02
plugin id22931
published2006-11-01
reporterThis script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/22931
titleDebian DSA-1201-1 : ethereal - several vulnerabilities
code
#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Debian Security Advisory DSA-1201. The text 
# itself is copyright (C) Software in the Public Interest, Inc.
#

include("compat.inc");

if (description)
{
  script_id(22931);
  script_version("1.14");
  script_cvs_date("Date: 2019/08/02 13:32:20");

  script_cve_id("CVE-2006-4574", "CVE-2006-4805");
  script_xref(name:"DSA", value:"1201");

  script_name(english:"Debian DSA-1201-1 : ethereal - several vulnerabilities");
  script_summary(english:"Checks dpkg output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Debian host is missing a security-related update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Several remote vulnerabilities have been discovered in the Ethereal
network scanner. The Common Vulnerabilities and Exposures project
identifies the following problems :

  - CVE-2005-4574
    It was discovered that the MIME multipart dissector is
    vulnerable to denial of service caused by an off-by-one
    overflow.

  - CVE-2006-4805
    It was discovered that the XOT dissector is vulnerable
    to denial of service caused by memory corruption."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=396258"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2005-4574"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://security-tracker.debian.org/tracker/CVE-2006-4805"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.debian.org/security/2006/dsa-1201"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"Upgrade the ethereal packages.

For the stable distribution (sarge) these problems have been fixed in
version 0.10.10-2sarge9. Due to technical problems with the security
buildd infrastructure this update lacks builds for the hppa and sparc
architecture. They will be released as soon as the problems are
resolved."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:ethereal");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2006/10/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2006/11/01");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/10/27");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.");
  script_family(english:"Debian Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"3.1", prefix:"ethereal", reference:"0.10.10-2sarge9")) flag++;
if (deb_check(release:"3.1", prefix:"ethereal-common", reference:"0.10.10-2sarge9")) flag++;
if (deb_check(release:"3.1", prefix:"ethereal-dev", reference:"0.10.10-2sarge9")) flag++;
if (deb_check(release:"3.1", prefix:"tethereal", reference:"0.10.10-2sarge9")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

References