Release DateNov 09, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a Cross Site Scripting vulnerability in raSMP.The vulnerability occurs because the user input filters fail to properly sanitize the "User-Agent" header that is passed to "index.php". An attacker may include shell commands by supplying an injection string through the HTTP header. |
Affected ProductsraSMP raSMP 2.0.0 |
Recommended ActionsCurrently we are not aware of any officially supplied patch for this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-0084 |
