CVE-2008-4918
published 2008-11-04CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote…
PriorityP424medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
6.42%
92.8th percentile
Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicwall | sonicos | — | — |
| sonicwall | sonicos_enhanced | < 4.0.1.1 | 4.0.1.1 |
| sonicwall | tz_series | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xp58-h76m-67p4: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4
ghsa_unreviewed·2022-05-14
CVE-2008-4918 [MEDIUM] CWE-79 GHSA-xp58-h76m-67p4: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4
Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
SonicWall
CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote
vendor_sonicwall·2008-11-04·CVSS 4.3
CVE-2008-4918 [MEDIUM] CWE-79 CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote
CVE-2008-4918: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking."
No detection rules found.
Exploit-DB
Cain & Abel 4.9.24 - RDP Buffer Overflow (Metasploit)
exploitdb·2010-11-24
CVE-2008-5405 Cain & Abel 4.9.24 - RDP Buffer Overflow (Metasploit)
Cain & Abel 4.9.24 - RDP Buffer Overflow (Metasploit)
---
##
# $Id: cain_abel_4918_rdp.rb 11127 2010-11-24 19:35:38Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Cain & Abel %q{
This module exploits a stack-based buffer overflow in the Cain & Abel v4.9.24
and below. An attacker must send the file to victim, and the victim must open
the specially crafted RDP file under Tools -> Remote Desktop Password Decoder.
},
'License' => MSF_LICENSE,
'Author' => [ 'Trancek ' ],
'Version' => '$Revision: 11127 $',
'References' =>
[
[ 'CVE', '20
Exploit-DB
SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting
exploitdb·2008-10-30
CVE-2008-4918 SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting
SonicWALL - Content Filtering Blocked Site Error Page Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/31998/info
SonicWALL Content Filtering is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input when displaying URI address data in a blocked-site error page.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of an arbitrary site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to SonicWALL Content Filtering on SonicOS Enhanced 4.0.1.1 are vulnerable.
http://www.example.com/fuckalert(document.cookie
No writeups or analysis indexed.
http://secunia.com/advisories/32498http://securityreason.com/securityalert/4556http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/http://www.securityfocus.com/archive/1/497948/100/0/threadedhttp://www.securityfocus.com/archive/1/497958/100/0/threadedhttp://www.securityfocus.com/archive/1/497968/100/0/threadedhttp://www.securityfocus.com/archive/1/497989/100/0/threadedhttp://www.securityfocus.com/archive/1/498043/100/0/threadedhttp://www.securityfocus.com/archive/1/498073/100/0/threadedhttp://www.securityfocus.com/bid/31998http://www.sonicwall.com/downloads/SonicOS_Enhanced_4.0.1.1_Release_Notes.pdfhttp://www.vupen.com/english/advisories/2008/2970http://www.zerodayinitiative.com/advisories/ZDI-08-070http://www.zerodayinitiative.com/advisories/ZDI-08-070/https://exchange.xforce.ibmcloud.com/vulnerabilities/46232http://secunia.com/advisories/32498http://securityreason.com/securityalert/4556http://www.gnucitizen.org/blog/new-technique-to-perform-universal-website-hijacking/http://www.securityfocus.com/archive/1/497948/100/0/threadedhttp://www.securityfocus.com/archive/1/497958/100/0/threadedhttp://www.securityfocus.com/archive/1/497968/100/0/threadedhttp://www.securityfocus.com/archive/1/497989/100/0/threadedhttp://www.securityfocus.com/archive/1/498043/100/0/threadedhttp://www.securityfocus.com/archive/1/498073/100/0/threadedhttp://www.securityfocus.com/bid/31998http://www.sonicwall.com/downloads/SonicOS_Enhanced_4.0.1.1_Release_Notes.pdfhttp://www.vupen.com/english/advisories/2008/2970http://www.zerodayinitiative.com/advisories/ZDI-08-070http://www.zerodayinitiative.com/advisories/ZDI-08-070/https://exchange.xforce.ibmcloud.com/vulnerabilities/46232
2008-11-04
Published