Sign-up

ID

VAR-200805-0355


CVE

CVE-2008-2165


TITLE

Cisco Building Broadband Service Manager (BBSM) Captive Portal Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2008-002019

DESCRIPTION

Cross-site scripting (XSS) vulnerability in AccessCodeStart.asp in Cisco Building Broadband Service Manager (BBSM) Captive Portal 5.3 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. Cisco BBSM 5.3 is vulnerable; other versions may also be affected. ---------------------------------------------------------------------- Secunia Network Software Inspector 2.0 (NSI) - Public Beta The Public Beta has ended. Thanks to all that participated. Input passed to the "msg" parameter in AccessCodeStart.asp is not properly sanitised before being returned to a user. SOLUTION: Apply patch BBSMPatch5332.zip. http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=5.3&mdfid=278455427&sftType=Building%20Broadband%20Service%20Manager%20(BBSM)%20Updates&optPlat=&nodecount=2&edesignator=null&modelName=Cisco%20Building%20Broadband%20Service%20Manager%205.3&treeMdfId=281527126&treeName=Network%20Monitoring%20and%20Management PROVIDED AND/OR DISCOVERED BY: Brad Antoniewicz ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2008-05/0166.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-2165 // JVNDB: JVNDB-2008-002019 // BID: 29191 // VULHUB: VHN-32290 // PACKETSTORM: 66354

AFFECTED PRODUCTS

vendor:ciscomodel:building broadband service managerscope:eqversion:5.3

Trust: 1.9

vendor:ciscomodel:building broadband service managerscope:eqversion:captive portal 5.3

Trust: 0.8

sources: BID: 29191 // JVNDB: JVNDB-2008-002019 // CNNVD: CNNVD-200805-204 // NVD: CVE-2008-2165

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2165
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-2165
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200805-204
value: MEDIUM

Trust: 0.6

VULHUB: VHN-32290
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-2165
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-32290
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-32290 // JVNDB: JVNDB-2008-002019 // CNNVD: CNNVD-200805-204 // NVD: CVE-2008-2165

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.9

sources: VULHUB: VHN-32290 // JVNDB: JVNDB-2008-002019 // NVD: CVE-2008-2165

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200805-204

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 66354 // CNNVD: CNNVD-200805-204

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002019

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-32290

PATCH
title:Top Pageurl:http://www.cisco.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-002019

EXTERNAL IDS
db:NVDid:CVE-2008-2165
Trust: 2.8
db:BIDid:29191
Trust: 2.0
db:SECUNIAid:30222
Trust: 1.8
db:SECTRACKid:1020018
Trust: 1.7
db:VUPENid:ADV-2008-1535
Trust: 1.7
db:SREASONid:3895
Trust: 1.7
db:JVNDBid:JVNDB-2008-002019
Trust: 0.8
db:CNNVDid:CNNVD-200805-204
Trust: 0.7
db:BUGTRAQid:20080514 RE: CISCO BBSM CAPTIVE PORTAL CROSS-SITE SCRIPTING
Trust: 0.6
db:BUGTRAQid:20080513 CISCO BBSM CAPTIVE PORTAL CROSS-SITE SCRIPTING
Trust: 0.6
db:XFid:42395
Trust: 0.6
db:PACKETSTORMid:66315
Trust: 0.1
db:SEEBUGid:SSVID-85101
Trust: 0.1
db:VULHUBid:VHN-32290
Trust: 0.1
db:PACKETSTORMid:66354
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32290 // 
            
            
            
            BID: 29191 // 
            
            
            
            JVNDB: JVNDB-2008-002019 // 
            
            
            
            PACKETSTORM: 66354 // 
            
            
            
            CNNVD: CNNVD-200805-204 // 
            
            
            
            NVD: CVE-2008-2165

REFERENCES
url:http://www.securityfocus.com/bid/29191
Trust: 1.7
url:http://securitytracker.com/id?1020018
Trust: 1.7
url:http://secunia.com/advisories/30222
Trust: 1.7
url:http://securityreason.com/securityalert/3895
Trust: 1.7
url:http://www.securityfocus.com/archive/1/492043/100/0/threaded
Trust: 1.1
url:http://www.securityfocus.com/archive/1/492093/100/0/threaded
Trust: 1.1
url:http://www.vupen.com/english/advisories/2008/1535
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/42395
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2165
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2165
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/42395
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/492093/100/0/threaded
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/492043/100/0/threaded
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2008/1535
Trust: 0.6
url:http://cisco.com/univercd/cc/td/doc/product/aggr/bbsm/index.htm
Trust: 0.3
url:http://www.cisco.com
Trust: 0.3
url:/archive/1/492093
Trust: 0.3
url:http://archives.neohapsis.com/archives/bugtraq/2008-05/0166.html
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/18664/
Trust: 0.1
url:http://secunia.com/network_software_inspector_2/
Trust: 0.1
url:http://tools.cisco.com/support/downloads/go/imagelist.x?relver=5.3&mdfid=278455427&sfttype=building%20broadband%20service%20manager%20(bbsm)%20updates&optplat=&nodecount=2&edesignator=null&modelname=cisco%20building%20broadband%20service%20manager%205.3&treemdfid=281527126&treename=network%20monitoring%20and%20management
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/advisories/30222/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32290 // 
            
            
            
            BID: 29191 // 
            
            
            
            JVNDB: JVNDB-2008-002019 // 
            
            
            
            PACKETSTORM: 66354 // 
            
            
            
            CNNVD: CNNVD-200805-204 // 
            
            
            
            NVD: CVE-2008-2165

CREDITS
Brad Antoniewicz  Brad.Antoniewicz@foundstone.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200805-204

SOURCES
db:VULHUBid:VHN-32290
db:BIDid:29191
db:JVNDBid:JVNDB-2008-002019
db:PACKETSTORMid:66354
db:CNNVDid:CNNVD-200805-204
db:NVDid:CVE-2008-2165

LAST UPDATE DATE
2025-04-10T23:16:35.453000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-32290date:2018-10-11T00:00:00
db:BIDid:29191date:2008-05-14T18:05:00
db:JVNDBid:JVNDB-2008-002019date:2008-12-19T00:00:00
db:CNNVDid:CNNVD-200805-204date:2009-01-29T00:00:00
db:NVDid:CVE-2008-2165date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-32290date:2008-05-16T00:00:00
db:BIDid:29191date:2008-05-13T00:00:00
db:JVNDBid:JVNDB-2008-002019date:2008-12-19T00:00:00
db:PACKETSTORMid:66354date:2008-05-15T04:56:37
db:CNNVDid:CNNVD-200805-204date:2008-05-16T00:00:00
db:NVDid:CVE-2008-2165date:2008-05-16T12:54:00