CA Host-Based Intrusion Prevention System Server Log Data XSS

Medium Nessus Plugin ID 27527


The remote Windows host has an application that is affected by a cross-site scripting vulnerability.


The remote host is running Computer Associates' Host-Based Intrusion Prevention System (CA HIPS) Server, an intrusion prevention system for Windows.

The version of CA HIPS Server installed on the remote Windows server is reportedly affected by a cross-site scripting issue because it fails to sanitize log data before displaying it. An attacker may be able to leverage this issue to inject arbitrary HTML or script code into the browser of an administrative user to be executed within the security context of the affected service.


Upgrade to CA HIPS version by applying the patch referenced in the vendor advisory above.

See Also

Plugin Details

Severity: Medium

ID: 27527

File Name: ca_hips_log_injection.nasl

Version: $Revision: 1.13 $

Type: local

Agent: windows

Family: Windows

Published: 2007/10/23

Modified: 2017/05/02

Dependencies: 13855

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2007/10/18

Reference Information

CVE: CVE-2007-5472

BID: 26134

OSVDB: 37998

CWE: 79