Cogent DataHub < 7.3.5 Multiple Vulnerabilities
High Nessus Plugin ID 76147
SynopsisThe remote host is running an application that is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of Cogent DataHub, formerly known as Cascade DataHub and OFC DataHub, that is prior to 7.3.5. It is, therefore, affected by the following vulnerabilities :
- A directory traversal vulnerability exists due improper validation of user-supplied input to the directory specifier. A remote attacker can exploit this to access hard-coded files. (CVE-2014-2352)
- A cross-site scripting vulnerability exists due to improper validation of user-supplied input. An attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2014-2353)
- An overflow condition exists in the web server due to improper validation of user-supplied input when handling a negative content-length field. A remote attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code. (CVE-2014-3788)
- A command injection vulnerability exists in the 'GetPermissions.asp' active server page in the EvalExpresssion method due to improper sanitization of user-supplied input. A remote attacker can exploit this to execute arbitrary commands in the context of the DataHub process. (CVE-2014-3789)
- Multiple vulnerabilities exist related to the bundled OpenSSL 1.0.0d library.
SolutionUpgrade to Cogent DataHub version 7.3.5 or later.