Sign-up

ID

VAR-200803-0054


CVE

CVE-2008-1258


TITLE

IBM AIX nslookup fails to drop root privileges

Trust: 0.8

sources: CERT/CC: VU#18419

DESCRIPTION

Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. The nslookup command fails to drop privileges, allowing local attackers to gain root privileges. D-Link is an internationally renowned provider of network equipment and solutions, and its products include a variety of router equipment.  D-Link DI-524 has multiple vulnerabilities in processing user requests. Remote attackers may use these vulnerabilities to make device services unavailable or perform cross-site scripting attacks.  The D-Link DI-524 router does not properly handle the login request sent to the web interface. If the attacker sends a long username, it will trigger a crash; if the long HTTP header is sent, it may also cause the router's web server. collapse.  The D-Link DSL-G604T router did not properly filter the input passed to the var: category parameter in cgi-bin / webcm and returned it to the user, which could cause arbitrary HTML and script code to be executed in the user's browser session. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. D-Link is a network company founded by Taiwan D-Link Group, dedicated to the R&D, production and marketing of LAN, broadband network, wireless network, voice network and related network equipment. ---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: D-Link DI-604 "rf" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA29531 VERIFY ADVISORY: http://secunia.com/advisories/29531/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: D-Link DI-604 Broadband Router http://secunia.com/product/11068/ DESCRIPTION: Jonas has reported a vulnerability in D-Link DI-604, which can be exploited by malicious people to conduct cross-site scripting attacks. SOLUTION: Filter malicious characters and character sequences in a web proxy. PROVIDED AND/OR DISCOVERED BY: Jonas ORIGINAL ADVISORY: http://www.gnucitizen.org/projects/router-hacking-challenge/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.33

sources: NVD: CVE-2008-1258 // CERT/CC: VU#18419 // JVNDB: JVNDB-2008-002826 // CNVD: CNVD-2008-5921 // BID: 28439 // VULHUB: VHN-31383 // PACKETSTORM: 64862

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2008-5921

AFFECTED PRODUCTS

vendor:d linkmodel:di-604scope: - version: -

Trust: 1.7

vendor:d linkmodel:di-604scope:eqversion:*

Trust: 1.0

vendor:ibmmodel: - scope: - version: -

Trust: 0.8

vendor:nonemodel: - scope: - version: -

Trust: 0.6

vendor:d linkmodel:dsl-g604tscope: - version: -

Trust: 0.3

vendor:d linkmodel:di-524scope:eqversion:0

Trust: 0.3

sources: CERT/CC: VU#18419 // CNVD: CNVD-2008-5921 // BID: 28439 // JVNDB: JVNDB-2008-002826 // CNNVD: CNNVD-200803-136 // NVD: CVE-2008-1258

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-1258
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#18419
value: 2.76

Trust: 0.8

NVD: CVE-2008-1258
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200803-136
value: MEDIUM

Trust: 0.6

VULHUB: VHN-31383
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-1258
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-31383
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#18419 // VULHUB: VHN-31383 // JVNDB: JVNDB-2008-002826 // CNNVD: CNNVD-200803-136 // NVD: CVE-2008-1258

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-31383 // JVNDB: JVNDB-2008-002826 // NVD: CVE-2008-1258

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200803-136

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 64862 // CNNVD: CNNVD-200803-136

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002826

PATCH
title:Top Pageurl:http://www.dlink.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-002826

EXTERNAL IDS
db:NVDid:CVE-2008-1258
Trust: 3.4
db:BIDid:28439
Trust: 2.0
db:SECUNIAid:29531
Trust: 1.8
db:XFid:604
Trust: 1.4
db:CERT/CCid:VU#18419
Trust: 0.8
db:JVNDBid:JVNDB-2008-002826
Trust: 0.8
db:CNNVDid:CNNVD-200803-136
Trust: 0.7
db:CNVDid:CNVD-2008-5921
Trust: 0.6
db:BUGTRAQid:20080301 THE ROUTER HACKING CHALLENGE IS OVER!
Trust: 0.6
db:XFid:41122
Trust: 0.6
db:VULHUBid:VHN-31383
Trust: 0.1
db:PACKETSTORMid:64862
Trust: 0.1
sources:
            
            
            CERT/CC: VU#18419 // 
            
            
            
            CNVD: CNVD-2008-5921 // 
            
            
            
            VULHUB: VHN-31383 // 
            
            
            
            BID: 28439 // 
            
            
            
            JVNDB: JVNDB-2008-002826 // 
            
            
            
            PACKETSTORM: 64862 // 
            
            
            
            CNNVD: CNNVD-200803-136 // 
            
            
            
            NVD: CVE-2008-1258

REFERENCES
url:http://www.gnucitizen.org/projects/router-hacking-challenge/
Trust: 2.1
url:http://www.securityfocus.com/bid/28439
Trust: 1.7
url:http://secunia.com/advisories/29531
Trust: 1.7
url:http://www.securityfocus.com/archive/1/489009/100/0/threaded
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/41122
Trust: 1.1
url:http://xforce.iss.net/static/604.php
Trust: 0.8
url:http://groups.google.com/groups?q=ers-sva-e01-1997:008.1&hl=en&rnum=3&selm=6383r7%24kts%243%40watnews1.watson.ibm.com
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1258
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1258
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/489009/100/0/threaded
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/41122
Trust: 0.6
url:http://www.d-link.com/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:https://psi.secunia.com/?page=changelog
Trust: 0.1
url:https://psi.secunia.com/
Trust: 0.1
url:http://secunia.com/product/11068/
Trust: 0.1
url:http://secunia.com/advisories/29531/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#18419 // 
            
            
            
            VULHUB: VHN-31383 // 
            
            
            
            BID: 28439 // 
            
            
            
            JVNDB: JVNDB-2008-002826 // 
            
            
            
            PACKETSTORM: 64862 // 
            
            
            
            CNNVD: CNNVD-200803-136 // 
            
            
            
            NVD: CVE-2008-1258

CREDITS
Gareth Heyeslaurent
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200803-136

SOURCES
db:CERT/CCid:VU#18419
db:CNVDid:CNVD-2008-5921
db:VULHUBid:VHN-31383
db:BIDid:28439
db:JVNDBid:JVNDB-2008-002826
db:PACKETSTORMid:64862
db:CNNVDid:CNNVD-200803-136
db:NVDid:CVE-2008-1258

LAST UPDATE DATE
2025-04-10T21:27:20.632000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#18419date:2001-09-27T00:00:00
db:CNVDid:CNVD-2008-5921date:2008-12-07T00:00:00
db:VULHUBid:VHN-31383date:2018-10-11T00:00:00
db:BIDid:28439date:2008-03-26T16:10:00
db:JVNDBid:JVNDB-2008-002826date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200803-136date:2008-09-05T00:00:00
db:NVDid:CVE-2008-1258date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CERT/CCid:VU#18419date:2001-09-26T00:00:00
db:CNVDid:CNVD-2008-5921date:2008-12-07T00:00:00
db:VULHUBid:VHN-31383date:2008-03-10T00:00:00
db:BIDid:28439date:2008-03-25T00:00:00
db:JVNDBid:JVNDB-2008-002826date:2012-06-26T00:00:00
db:PACKETSTORMid:64862date:2008-03-26T00:09:25
db:CNNVDid:CNNVD-200803-136date:2008-03-10T00:00:00
db:NVDid:CVE-2008-1258date:2008-03-10T17:44:00