CA Host-Based Intrusion Prevention System Server Log Data XSS

medium Nessus Plugin ID 27527

Synopsis

The remote Windows host has an application that is affected by a cross-site scripting vulnerability.

Description

The remote host is running Computer Associates' Host-Based Intrusion Prevention System (CA HIPS) Server, an intrusion prevention system for Windows.

The version of CA HIPS Server installed on the remote Windows server is reportedly affected by a cross-site scripting issue because it fails to sanitize log data before displaying it. An attacker may be able to leverage this issue to inject arbitrary HTML or script code into the browser of an administrative user, where it would execute within the security context of the affected service.

Solution

Upgrade to CA HIPS version 8.0.0.93 by applying the patch referenced in the vendor advisory listed under See Also.

See Also

http://www.nessus.org/u?52470381

Plugin Details

Severity: Medium

ID: 27527

File Name: ca_hips_log_injection.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 10/23/2007

Updated: 6/27/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.0

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/18/2007

Reference Information

CVE: CVE-2007-5472

BID: 26134

CWE: 79