| VID |
28116 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Hosting Controller which is older than version 6.1 Hotfix 2.1 is detected as installed on the host. Hosting Controller is a Web hosting automation tool for Microsoft Windows platforms. Hosting Controller versions prior to 6.1 Hotfix 2.1 are vulnerable to multiple vulnerabilities as follows:
1) A remote authenticated attacker could steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for the UserProfile.asp script.
2) An SQL injection vulnerability in the resellerresources.asp script could allow a remote attacker to execute arbitrary SQL commands via the jresourceid parameter.
3) Cross-site scripting (XSS) vulnerabilities in the sendpassword.asp and error.asp scripts could allow a remote attacker to inject arbitrary web script or HTML via the certain parameter.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://hostingcontroller.com/english/logs/hotfixlogv61_2_1.html
http://securitytracker.com/alerts/2005/May/1014062.html
http://securitytracker.com/alerts/2005/May/1014071.html
http://secunia.com/advisories/15540/
http://www.securityfocus.com/archive/1/403571/30/0/threaded
* Platforms Affected:
HostingController.com, Hosting Controller versions prior to 6.1 Hotfix 2.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the Hosting Controller version 6.1 and apply the latest Hotfix (2.1 or later), available from the Hosting Controller Web site at http://www.hostingcontroller.com |
| Related URL |
CVE-2005-1784,CVE-2005-1788,CVE-2005-2077 (CVE) |
| Related URL |
13806,13816,13829,14080 (SecurityFocus) |
| Related URL |
20833,21002,21207 (ISS) |
|
