Details of VAR-200708-0019

ID

VAR-200708-0019

CVE

CVE-2007-4317

TITLE

Zyxel Zywall 2 Run on device ZyNOS Management interface cross-site request forgery vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-005958

DESCRIPTION

Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters. ZyXEL ZyWALL 2 is prone to multiple remote vulnerabilities that affect the management interface. An attacker can exploit these issues to carry out cross-site request forgery, HTML-injection, and denial-of-service attacks. ZyWALL 2 running with firmware V3.62(WK.6) is reported vulnerable to this issue. ---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: ZyXEL ZyWALL / ZyNOS Cross-Site Request Forgery SECUNIA ADVISORY ID: SA26381 VERIFY ADVISORY: http://secunia.com/advisories/26381/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: ZyXEL ZyWALL Series http://secunia.com/product/147/ ZyXEL ZyNOS 3.x http://secunia.com/product/149/ DESCRIPTION: Henri Lindberg has reported a vulnerability in ZyXEL ZyWALL / ZyNOS, which can be exploited by malicious people to conduct cross-site request forgery attacks. NOTE: Reportedly, this can further be exploited to conduct script insertion attacks. Other versions may also be affected. SOLUTION: Do not browser untrusted sites while being logged in to the administrative section of the device. PROVIDED AND/OR DISCOVERED BY: Henri Lindberg of Louhi Networks. ORIGINAL ADVISORY: http://www.louhi.fi/advisory/zyxel_070810.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2007-4317 // JVNDB: JVNDB-2007-005958 // BID: 25262 // PACKETSTORM: 58606

AFFECTED PRODUCTS

vendor:	zyxel	model:	zynos	scope:	eq	version:	3.62	Trust: 1.6
vendor:	zyxel	model:	zywall 2	scope:	-	version:	-	Trust: 1.4
vendor:	zyxel	model:	zywall 2	scope:	eq	version:	*	Trust: 1.0
vendor:	zyxel	model:	zynos	scope:	eq	version:	3.62(wk.6)	Trust: 0.8
vendor:	zyxel	model:	zywall	scope:	eq	version:	23.62	Trust: 0.3

sources: BID: 25262 // JVNDB: JVNDB-2007-005958 // NVD: CVE-2007-4317 // CNNVD: CNNVD-200708-203

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2007-4317
value:	MEDIUM
Trust: 1.8
CNNVD:	CNNVD-200708-203
value:	MEDIUM
Trust: 0.6

NVD:
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2007-4317
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8

sources: JVNDB: JVNDB-2007-005958 // NVD: CVE-2007-4317 // CNNVD: CNNVD-200708-203

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-4317

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200708-203

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200708-203

CONFIGURATIONS

sources: NVD: CVE-2007-4317

PATCH

title:

Top Page

url:

http://www.zyxel.com/

Trust: 0.8

sources: JVNDB: JVNDB-2007-005958

EXTERNAL IDS

db:	NVD	id:	CVE-2007-4317	Trust: 2.7
db:	BID	id:	25262	Trust: 1.9
db:	SECUNIA	id:	26381	Trust: 1.7
db:	SREASON	id:	3002	Trust: 1.6
db:	OSVDB	id:	37670	Trust: 1.6
db:	JVNDB	id:	JVNDB-2007-005958	Trust: 0.8
db:	BUGTRAQ	id:	20070810 ZYXEL ZYWALL 2 MULTIPLE VULNERABILITIES	Trust: 0.6
db:	XF	id:	35913	Trust: 0.6
db:	CNNVD	id:	CNNVD-200708-203	Trust: 0.6
db:	PACKETSTORM	id:	58606	Trust: 0.1

sources: BID: 25262 // JVNDB: JVNDB-2007-005958 // PACKETSTORM: 58606 // NVD: CVE-2007-4317 // CNNVD: CNNVD-200708-203

REFERENCES

url:	http://www.louhi.fi/advisory/zyxel_070810.txt	Trust: 2.0
url:	http://osvdb.org/37670	Trust: 1.6
url:	http://secunia.com/advisories/26381	Trust: 1.6
url:	http://securityreason.com/securityalert/3002	Trust: 1.6
url:	http://www.securityfocus.com/bid/25262	Trust: 1.6
url:	http://www.securityfocus.com/archive/1/476031/100/0/threaded	Trust: 1.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/35913	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4317	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4317	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/35913	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/476031/100/0/threaded	Trust: 0.6
url:	http://us.zyxel.com/products/model.php?indexcate=1044940679&indexcate1=1123007871&indexflagvalue=1021873683	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/149/	Trust: 0.1
url:	http://secunia.com/product/147/	Trust: 0.1
url:	http://secunia.com/advisories/26381/	Trust: 0.1
url:	https://psi.secunia.com/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: BID: 25262 // JVNDB: JVNDB-2007-005958 // PACKETSTORM: 58606 // NVD: CVE-2007-4317 // CNNVD: CNNVD-200708-203

CREDITS

Henri Lindberg discovered these issues.

Trust: 0.9

sources: BID: 25262 // CNNVD: CNNVD-200708-203

SOURCES

db:	BID	id:	25262
db:	JVNDB	id:	JVNDB-2007-005958
db:	PACKETSTORM	id:	58606
db:	NVD	id:	CVE-2007-4317
db:	CNNVD	id:	CNNVD-200708-203

LAST UPDATE DATE

2023-12-18T12:32:15.314000+00:00

SOURCES UPDATE DATE

db:	BID	id:	25262	date:	2016-07-05T22:00:00
db:	JVNDB	id:	JVNDB-2007-005958	date:	2012-12-20T00:00:00
db:	NVD	id:	CVE-2007-4317	date:	2018-10-15T21:34:27.637
db:	CNNVD	id:	CNNVD-200708-203	date:	2007-08-14T00:00:00

SOURCES RELEASE DATE

db:	BID	id:	25262	date:	2007-08-10T00:00:00
db:	JVNDB	id:	JVNDB-2007-005958	date:	2012-12-20T00:00:00
db:	PACKETSTORM	id:	58606	date:	2007-08-15T19:37:35
db:	NVD	id:	CVE-2007-4317	date:	2007-08-13T21:17:00
db:	CNNVD	id:	CNNVD-200708-203	date:	2007-08-13T00:00:00