Akamai Red Swoosh < 3333 referer Header Cross-Site Request Forgery

This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.


Synopsis :

A remote Windows host contains a program that is affected by a
cross-site request forgery vulnerability.

Description :

The remote host is running the Akamai Red Swoosh client, which handles
software distribution via the Swoosh network.

The version of Red Swoosh installed on the remote host includes a web
server that listens on the loopback interface for management commands,
but it fails to properly sanitize the HTTP Referer header. By tricking
a user on the affected host into visiting a specially crafted web
page, an attacker can leverage this issue to cause files from
arbitrary URLs to be downloaded and executed on the remote host,
subject to the user's privileges.
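The weakness described above is a loopback management server that acts on a browser-originated request without establishing where the page that sent it came from. The following is an added example (not Tenable's or Akamai's code) of the Origin/Referer validation such a server would need before executing a command; the header values are constructed, and a header check is only one layer, since an anti-CSRF token is the standard remedy.

```python
from urllib.parse import urlsplit

# Loopback origins that a local management web server may accept.
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}


def _host_of(url):
    """Return the hostname of an http(s) URL, or None if it is unusable."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None
    # hostname is lower-cased and already stripped of userinfo, port and
    # IPv6 brackets, which defeats "localhost@evil" and "[::1]:80" variants.
    return parts.hostname


def request_allowed(headers, allowed_hosts=LOOPBACK_HOSTS):
    """Decide whether a state-changing management request came from a loopback page.

    Origin is consulted first (browsers send it on cross-site POSTs), with
    Referer as the fallback. A missing, unparsable or non-loopback value is
    treated as cross-site, so a forged request cannot pass by omitting or
    mangling the header (fail closed).
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    for name in ("origin", "referer"):
        value = lowered.get(name)
        if value is None:
            continue
        host = _host_of(value)
        return host is not None and host in allowed_hosts
    return False


# Constructed sample requests: one legitimate local page and several
# cross-site or lookalike variants an attacker-controlled page could produce.
CONSTRUCTED_REQUESTS = {
    "local page": {"Referer": "http://127.0.0.1:8080/console.html"},
    "cross-site": {"Origin": "http://attacker.example", "Referer": "http://attacker.example/csrf.html"},
    "lookalike host": {"Referer": "http://127.0.0.1.attacker.example/"},
    "userinfo trick": {"Referer": "http://localhost@attacker.example/"},
    "path trick": {"Referer": "http://attacker.example/localhost/"},
    "no header": {},
}


def evaluate_constructed():
    """Map each constructed request name to the allow/deny decision."""
    return {name: request_allowed(h) for name, h in CONSTRUCTED_REQUESTS.items()}
```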

See also :

http://secunia.com/secunia_research/2008-19/advisory/
http://www.securityfocus.com/archive/1/493170/30/0/threaded

Solution :

Update to Red Swoosh version 3333 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 33126

Bugtraq ID: 29587

CVE ID: CVE-2008-1106
