Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-1006

Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.

Published

2005-05-02T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	sonicwall	soho_firmware	5.1.7.0	Yes
Hardware	sonicwall	soho	-	No

References

http://archives.neohapsis.com/archives/bugtraq/2005-04/0041.html Broken Link, Exploit ([email protected])
http://secunia.com/advisories/14823 Not Applicable ([email protected])
http://securitytracker.com/id?1013638 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.oliverkarow.de/research/SonicWall.txt Exploit, Third Party Advisory ([email protected])
http://www.osvdb.org/15261 Broken Link ([email protected])
http://www.osvdb.org/15262 Broken Link ([email protected])
http://www.securityfocus.com/bid/12984 Exploit, Third Party Advisory, VDB Entry ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/19958 Third Party Advisory, VDB Entry ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/19960 Third Party Advisory, VDB Entry ([email protected])
http://archives.neohapsis.com/archives/bugtraq/2005-04/0041.html Broken Link, Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/14823 Not Applicable (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1013638 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.oliverkarow.de/research/SonicWall.txt Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/15261 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/15262 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/12984 Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19958 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19960 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)