GEN:SID | 1:3062 |
Message | WEB-CGI NetScreen SA 5000 delhomepage.cgi access |
Summary | This event is generated when an attempt is made to access the delhomepage.cgi script which contains known vulnerabilities and is resident on Netscreen SA 5000 devices.
|
Impact | Information gathering and possible cross site scripting attack.
|
Detailed Information | This event is generated when an attempt is made to access the delhomepage.cgi script which is known to be vulnerable to a cross site scripting attack
|
Affected Systems | Netscreen SA 5000
|
Attack Scenarios | An attacker can supply code of their choosing to a client system by using the cgi script as part of a cross site scripting attack.
|
Ease of Attack | Simple. No exploit software required.
|
Corrective Action | Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.
|
Additional References | |
Rule References | bugtraq: 9791
|