Episodex Guestbook Multiple Vulnerabilities (Auth Bypass, XSS)

high Nessus Plugin ID 18362

Synopsis

The remote web server contains an ASP application that is affected by several issues.

Description

The remote host is running the Episodex Guestbook, a guestbook written in ASP.

The version of Episodex installed on the remote host does not validate input to various fields in the 'default.asp' script before using it to generate dynamic HTML.

Additionally, an unauthenticated, remote attacker can edit settings by accessing the application's 'admin.asp' script directly.

Solution

Unknown at this time.

See Also

https://seclists.org/bugtraq/2005/May/248

Plugin Details

Severity: High

ID: 18362

File Name: episodex_guestbook.nasl

Version: 1.20

Type: remote

Family: CGI abuses

Published: 5/24/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: www/ASP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 5/21/2005

Reference Information

CVE: CVE-2005-1684, CVE-2005-1685

BID: 13692, 13693