SonicWall SOHO3内容阻止脚本注入漏洞

漏洞信息详情

SonicWall SOHO3内容阻止脚本注入漏洞

• CNNVD编号：CNNVD-200212-799
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2002-2341
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2002-12-31
  
• 厂        商：
  
  sonicwall
• 漏洞来源：
  .’);”>Credited to “E M” …

SonicWALL SOHO3 6.3.0.0版本content blocking存在跨站脚本攻击(XSS)漏洞。远程攻击者借助封锁的URL注入任意web脚本。

Resolution
The work-arounds described above will resolve the vulnerability until a permanent resolution is developed. Sonicwall is working on a fix for this issue that will be available with the release of the next version of SonicWALL firmware. If you require additional assistance with this vulnerability, please visit SonicWALL’s Technical Support site at:
http://www.customer.mysonicwall.com/ecustomer/start.swe?SWECmd=Login.

来源: BID
名称: 4755
链接:http://www.securityfocus.com/bid/4755

来源: XF
名称: sonicwall-soho3-script-injection(9103)
链接:http://www.iss.net/security_center/static/9103.php