IOS HTTP Server Command Injection Vulnerability

This script is (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

A vulnerability exists in the IOS HTTP server in which HTML code
inserted into dynamically-generated output, such as the output from a
show buffers command, will be passed to the browser requesting the
page. This HTML code could be interpreted by the client browser and
potentially execute malicious commands against the device or execute
other possible cross-site scripting attacks. Successful exploitation
of this vulnerability requires that a user browse a page containing
dynamic content in which HTML commands have been injected.

Cisco will be making free software available to address this
vulnerability for affected customers. There are workarounds available
to mitigate the effects of the vulnerability.

See also :

http://www.nessus.org/u?ecf79a12
http://www.nessus.org/u?21ef7230
http://www.nessus.org/u?80c1f432
http://www.nessus.org/u?642a62ef

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20051201-http.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 48991 (cisco-sa-20051201-httphttp.nasl)

Bugtraq ID: 15602

CVE ID: CVE-2005-3921
