HTTP: Cobalt RAQ 4 Service.cgi Cross-site Script Attack

This signature detects attempts to exploit a known vulnerability in multiple scripts that ship with Cobalt RAQ 4 Server Management. Attackers can use cross-site scripting techniques to trick users into revealing sensitive information; attackers can use this information to further compromise the system.

Extended Description

RaQ is a server appliance originally developed by Cobalt. It is now distributed and maintained by Sun Microsystems. Due to insufficient sanitization of input, it is possible to execute script code on Cobalt RaQ systems. The problem occurs in the filtering of malicious HTML tags when they are passed to the service.cgi and alert.cgi scripts. It has been reported that by passing malicious script code through the search.cgi or alert.cgi scripts, it may be possible to place malicious content on pages hosted by the RaQ server.

Affected Products

Cobalt raq

Short Name: HTTP:XSS:SERVICE-CGI
Severity: Minor
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: 4 Attack CVE-2002-0346 Cobalt Cross-site RAQ Script Service.cgi bid:4211
Release Date: 04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
False Positive: Unknown
Vendors

Sun

Cobalt

CVSS Score

7.5
