ID

VAR-200512-0135


CVE

CVE-2005-4323


TITLE

Hitachi Collaboration Schedule Unknown denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200512-378

DESCRIPTION

Unspecified vulnerability in Hitachi Cosminexus Collaboration Portal 06-00 through 06-10-/B, Groupmax Collaboration Portal 07-00 through 07-10-/B, and Groupmax Collaboration Web Client 07-00 through 07-10-/A allow remote attackers to cause a denial of service of unspecified impact via repeated invalid requests to the Schedule component. This vulnerability may be triggered by multiple invalid requests sent to the schedule. No further details have been provided. These are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. ORIGINAL ADVISORY: http://www.hitachi-support.com/security_e/vuls_e/HS05-023_e/index-e.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.53

sources: NVD: CVE-2005-4323 // BID: 15500 // BID: 15498 // PACKETSTORM: 41644

AFFECTED PRODUCTS

vendor:hitachimodel:groupmax collaboration portalscope:eqversion:07_00

Trust: 1.6

vendor:hitachimodel:cosminexus collaboration portalscope:eqversion:06_00

Trust: 1.6

vendor:hitachimodel:groupmax collaboration web clientscope:eqversion:07_00

Trust: 1.6

vendor:hitachimodel:groupmax collaboration web clientscope:lteversion:07_10_a

Trust: 1.0

vendor:hitachimodel:cosminexus collaboration portalscope:lteversion:06_10_b

Trust: 1.0

vendor:hitachimodel:groupmax collaboration portalscope:lteversion:07_10_b

Trust: 1.0

vendor:hitachimodel:groupmax collaboration web ffs p-2746-e354 07-10-/ascope:eqversion:07-00-

Trust: 0.6

vendor:hitachimodel:groupmax collaboration portal p-2646-6354 07-10-/bscope:eqversion:07-00-

Trust: 0.6

vendor:hitachimodel:cosminexus collaboration portal p-2443-3d64 06-10-/bscope:eqversion:06-00-

Trust: 0.6

vendor:hitachimodel:cosminexus collaboration portal ffs p-2443-3e64 06-10-/ascope:eqversion:06-00-

Trust: 0.6

vendor:hitachimodel:groupmax collaboration web ffs p-2746-e354 07-10-/bscope:neversion:07-00-

Trust: 0.6

vendor:hitachimodel:groupmax collaboration portal p-2646-6354 07-10-/cscope:neversion:07-00-

Trust: 0.6

vendor:hitachimodel:cosminexus collaboration portal p-2443-3d64 06-10-/cscope:neversion:06-00-

Trust: 0.6

vendor:hitachimodel:cosminexus collaboration portal ffs p-2443-3e64 06-10-/bscope:neversion:06-00-

Trust: 0.6

vendor:hitachimodel:groupmax collaboration web clientscope:eqversion:07_10_a

Trust: 0.6

vendor:hitachimodel:groupmax collaboration portalscope:eqversion:07_10_b

Trust: 0.6

vendor:hitachimodel:cosminexus collaboration portalscope:eqversion:06_10_b

Trust: 0.6

sources: BID: 15500 // BID: 15498 // CNNVD: CNNVD-200512-378 // NVD: CVE-2005-4323

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-4323
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200512-378
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2005-4323
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

sources: CNNVD: CNNVD-200512-378 // NVD: CVE-2005-4323

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4323

THREAT TYPE

network

Trust: 0.6

sources: BID: 15500 // BID: 15498

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-378

EXTERNAL IDS

db:HITACHIid:HS05-023

Trust: 2.0

db:BIDid:15500

Trust: 1.9

db:SECUNIAid:17634

Trust: 1.8

db:SECTRACKid:1015242

Trust: 1.6

db:SECTRACKid:1015241

Trust: 1.6

db:NVDid:CVE-2005-4323

Trust: 1.6

db:XFid:23193

Trust: 0.6

db:CNNVDid:CNNVD-200512-378

Trust: 0.6

db:BIDid:15498

Trust: 0.3

db:PACKETSTORMid:41644

Trust: 0.1

sources: BID: 15500 // BID: 15498 // PACKETSTORM: 41644 // CNNVD: CNNVD-200512-378 // NVD: CVE-2005-4323

REFERENCES

url:http://www.hitachi-support.com/security_e/vuls_e/hs05-023_e/01-e.html

Trust: 2.0

url:http://secunia.com/advisories/17634/

Trust: 1.7

url:http://securitytracker.com/alerts/2005/nov/1015242.html

Trust: 1.6

url:http://securitytracker.com/alerts/2005/nov/1015241.html

Trust: 1.6

url:http://www.securityfocus.com/bid/15500/

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/23193

Trust: 1.0

url:http://www.hitachi.co.jp/prod/comp/soft1/global/prod/cosminexus/sol/epf/port_view.html

Trust: 0.6

url:http://www.hitachi.co.jp/prod/comp/soft1/global/prod/groupmax/index.html

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/23193

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/5795/

Trust: 0.1

url:http://www.hitachi-support.com/security_e/vuls_e/hs05-023_e/index-e.html

Trust: 0.1

url:http://secunia.com/product/6162/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/6161/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: BID: 15500 // BID: 15498 // PACKETSTORM: 41644 // CNNVD: CNNVD-200512-378 // NVD: CVE-2005-4323

CREDITS

The vendor released this vulnerability.

Trust: 0.9

sources: BID: 15500 // CNNVD: CNNVD-200512-378

SOURCES

db:BIDid:15500
db:BIDid:15498
db:PACKETSTORMid:41644
db:CNNVDid:CNNVD-200512-378
db:NVDid:CVE-2005-4323

LAST UPDATE DATE

2024-08-14T14:22:53.022000+00:00


SOURCES UPDATE DATE

db:BIDid:15500date:2005-11-18T00:00:00
db:BIDid:15498date:2005-11-18T00:00:00
db:CNNVDid:CNNVD-200512-378date:2005-12-19T00:00:00
db:NVDid:CVE-2005-4323date:2017-07-20T01:29:13.267

SOURCES RELEASE DATE

db:BIDid:15500date:2005-11-18T00:00:00
db:BIDid:15498date:2005-11-18T00:00:00
db:PACKETSTORMid:41644date:2005-11-19T21:56:12
db:CNNVDid:CNNVD-200512-378date:2005-12-17T00:00:00
db:NVDid:CVE-2005-4323date:2005-12-17T11:03:00