CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.
Publish Date : 2009-01-16 Last Update Date : 2009-02-05
Collapse All   Expand All   Select   Select&Copy  
Related Tweets   Even more tweets   Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

Cvss Score
4.3
Confidentiality Impact None (There is no impact to the confidentiality of the system.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact None (There is no impact to the availability of the system.)
Access Complexity Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Cross Site Scripting
CWE ID 79

- Products Affected By CVE-2008-3821

# Product Type Vendor Product Version Update Edition Language
1 Hardware Cisco IOS 12.0xb Details Vulnerabilities
2 Hardware Cisco IOS 12.0xv Details Vulnerabilities
3 Hardware Cisco IOS 12.0sl Details Vulnerabilities
4 Hardware Cisco IOS 12.0xh Details Vulnerabilities
5 Hardware Cisco IOS 12.0s Details Vulnerabilities
6 Hardware Cisco IOS 12.0sp Details Vulnerabilities
7 Hardware Cisco IOS 12.0xm Details Vulnerabilities
8 Hardware Cisco IOS 12.0xa Details Vulnerabilities
9 Hardware Cisco IOS 12.0xt Details Vulnerabilities
10 Hardware Cisco IOS 12.0sc Details Vulnerabilities
11 Hardware Cisco IOS 12.0xg Details Vulnerabilities
12 Hardware Cisco IOS 12.0db Details Vulnerabilities
13 Hardware Cisco IOS 12.0xl Details Vulnerabilities
14 Hardware Cisco IOS 12.0xs Details Vulnerabilities
15 Hardware Cisco IOS 12.0dc Details Vulnerabilities
16 Hardware Cisco IOS 12.0wc Details Vulnerabilities
17 Hardware Cisco IOS 12.0xe Details Vulnerabilities
18 Hardware Cisco IOS 12.0da Details Vulnerabilities
19 Hardware Cisco IOS 12.0xk Details Vulnerabilities
20 Hardware Cisco IOS 12.0w Details Vulnerabilities
21 Hardware Cisco IOS 12.0xr Details Vulnerabilities
22 Hardware Cisco IOS 12.0xd Details Vulnerabilities
23 Hardware Cisco IOS 12.0 Details Vulnerabilities
24 Hardware Cisco IOS 12.0xj Details Vulnerabilities
25 Hardware Cisco IOS 12.0sz Details Vulnerabilities
26 Hardware Cisco IOS 12.0t Details Vulnerabilities
27 Hardware Cisco IOS 12.0xq Details Vulnerabilities
28 Hardware Cisco IOS 12.0st Details Vulnerabilities
29 Hardware Cisco IOS 12.0xc Details Vulnerabilities
30 Hardware Cisco IOS 12.0xi Details Vulnerabilities
31 Hardware Cisco IOS 12.0sx Details Vulnerabilities
32 Hardware Cisco IOS 12.0sy Details Vulnerabilities
33 Hardware Cisco IOS 12.0xn Details Vulnerabilities
34 Hardware Cisco IOS 12.1 Details Vulnerabilities
35 Hardware Cisco IOS 12.1gb Details Vulnerabilities
36 Hardware Cisco IOS 12.1xr Details Vulnerabilities
37 Hardware Cisco IOS 12.1yi Details Vulnerabilities
38 Hardware Cisco IOS 12.1eb Details Vulnerabilities
39 Hardware Cisco IOS 12.1xd Details Vulnerabilities
40 Hardware Cisco IOS 12.1xw Details Vulnerabilities
41 Hardware Cisco IOS 12.1db Details Vulnerabilities
42 Hardware Cisco IOS 12.1eu Details Vulnerabilities
43 Hardware Cisco IOS 12.1xi Details Vulnerabilities
44 Hardware Cisco IOS 12.1yc Details Vulnerabilities
45 Hardware Cisco IOS 12.1ga Details Vulnerabilities
46 Hardware Cisco IOS 12.1xq Details Vulnerabilities
47 Hardware Cisco IOS 12.1yh Details Vulnerabilities
48 Hardware Cisco IOS 12.1dc Details Vulnerabilities
49 Hardware Cisco IOS 12.1xc Details Vulnerabilities
50 Hardware Cisco IOS 12.1xv Details Vulnerabilities
51 Hardware Cisco IOS 12.1xh Details Vulnerabilities
52 Hardware Cisco IOS 12.1yb Details Vulnerabilities
53 Hardware Cisco IOS 12.1eo Details Vulnerabilities
54 Hardware Cisco IOS 12.1ez Details Vulnerabilities
55 Hardware Cisco IOS 12.1xp Details Vulnerabilities
56 Hardware Cisco IOS 12.1yf Details Vulnerabilities
57 Hardware Cisco IOS 12.1da Details Vulnerabilities
58 Hardware Cisco IOS 12.1xb Details Vulnerabilities
59 Hardware Cisco IOS 12.1xu Details Vulnerabilities
60 Hardware Cisco IOS 12.1ya Details Vulnerabilities
61 Hardware Cisco IOS 12.1aa Details Vulnerabilities
62 Hardware Cisco IOS 12.1xg Details Vulnerabilities
63 Hardware Cisco IOS 12.1ey Details Vulnerabilities
64 Hardware Cisco IOS 12.1xm Details Vulnerabilities
65 Hardware Cisco IOS 12.1ye Details Vulnerabilities
66 Hardware Cisco IOS 12.1cx Details Vulnerabilities
67 Hardware Cisco IOS 12.1xa Details Vulnerabilities
68 Hardware Cisco IOS 12.1xt Details Vulnerabilities
69 Hardware Cisco IOS 12.1xz Details Vulnerabilities
70 Hardware Cisco IOS 12.1ax Details Vulnerabilities
71 Hardware Cisco IOS 12.1xf Details Vulnerabilities
72 Hardware Cisco IOS 12.1ex Details Vulnerabilities
73 Hardware Cisco IOS 12.1xl Details Vulnerabilities
74 Hardware Cisco IOS 12.1yd Details Vulnerabilities
75 Hardware Cisco IOS 12.1ay Details Vulnerabilities
76 Hardware Cisco IOS 12.1t Details Vulnerabilities
77 Hardware Cisco IOS 12.1xs Details Vulnerabilities
78 Hardware Cisco IOS 12.1yj Details Vulnerabilities
79 Hardware Cisco IOS 12.1ec Details Vulnerabilities
80 Hardware Cisco IOS 12.1xe Details Vulnerabilities
81 Hardware Cisco IOS 12.1xy Details Vulnerabilities
82 Hardware Cisco IOS 12.1ew Details Vulnerabilities
83 Hardware Cisco IOS 12.1xj Details Vulnerabilities
84 Hardware Cisco IOS 12.1xx Details Vulnerabilities
85 Hardware Cisco IOS 12.2yk Details Vulnerabilities
86 Hardware Cisco IOS 12.2ixc Details Vulnerabilities
87 Hardware Cisco IOS 12.2sx Details Vulnerabilities
88 Hardware Cisco IOS 12.2yb Details Vulnerabilities
89 Hardware Cisco IOS 12.2zd Details Vulnerabilities
90 Hardware Cisco IOS 12.2svc Details Vulnerabilities
91 Hardware Cisco IOS 12.2zl Details Vulnerabilities
92 Hardware Cisco IOS 12.2cy Details Vulnerabilities
93 Hardware Cisco IOS 12.2yx Details Vulnerabilities
94 Hardware Cisco IOS 12.2dx Details Vulnerabilities
95 Hardware Cisco IOS 12.2seb Details Vulnerabilities
96 Hardware Cisco IOS 12.2sxf Details Vulnerabilities
97 Hardware Cisco IOS 12.2by Details Vulnerabilities
98 Hardware Cisco IOS 12.2yj Details Vulnerabilities
99 Hardware Cisco IOS 12.2sga Details Vulnerabilities
100 Hardware Cisco IOS 12.2xd Details Vulnerabilities
101 Hardware Cisco IOS 12.2xb Details Vulnerabilities
102 Hardware Cisco IOS 12.2yu Details Vulnerabilities
103 Hardware Cisco IOS 12.2ja Details Vulnerabilities
104 Hardware Cisco IOS 12.2xq Details Vulnerabilities
105 Hardware Cisco IOS 12.2zy Details Vulnerabilities
106 Hardware Cisco IOS 12.2ez Details Vulnerabilities
107 Hardware Cisco IOS 12.2yg Details Vulnerabilities
108 Hardware Cisco IOS 12.2ixb Details Vulnerabilities
109 Hardware Cisco IOS 12.2sw Details Vulnerabilities
110 Hardware Cisco IOS 12.2xj Details Vulnerabilities
111 Hardware Cisco IOS 12.2ya Details Vulnerabilities
112 Hardware Cisco IOS 12.2zc Details Vulnerabilities
113 Hardware Cisco IOS 12.2sva Details Vulnerabilities
114 Hardware Cisco IOS 12.2zj Details Vulnerabilities
115 Hardware Cisco IOS 12.2cx Details Vulnerabilities
116 Hardware Cisco IOS 12.2yr Details Vulnerabilities
117 Hardware Cisco IOS 12.2dd Details Vulnerabilities
118 Hardware Cisco IOS 12.2sea Details Vulnerabilities
119 Hardware Cisco IOS 12.2sxe Details Vulnerabilities
120 Hardware Cisco IOS 12.2bx Details Vulnerabilities
121 Hardware Cisco IOS 12.2yh Details Vulnerabilities
122 Hardware Cisco IOS 12.2xc Details Vulnerabilities
123 Hardware Cisco IOS 12.2tpc Details Vulnerabilities
124 Hardware Cisco IOS 12.2yt Details Vulnerabilities
125 Hardware Cisco IOS 12.2ixg Details Vulnerabilities
126 Hardware Cisco IOS 12.2xn Details Vulnerabilities
127 Hardware Cisco IOS 12.2zu Details Vulnerabilities
128 Hardware Cisco IOS 12.2ey Details Vulnerabilities
129 Hardware Cisco IOS 12.2sg Details Vulnerabilities
130 Hardware Cisco IOS 12.2ye Details Vulnerabilities
131 Hardware Cisco IOS 12.2ixa Details Vulnerabilities
132 Hardware Cisco IOS 12.2sv Details Vulnerabilities
133 Hardware Cisco IOS 12.2xi Details Vulnerabilities
134 Hardware Cisco IOS 12.2xw Details Vulnerabilities
135 Hardware Cisco IOS 12.2zb Details Vulnerabilities
136 Hardware Cisco IOS 12.2sr Details Vulnerabilities
137 Hardware Cisco IOS 12.2zx Details Vulnerabilities
138 Hardware Cisco IOS 12.2bc Details Vulnerabilities
139 Hardware Cisco IOS 12.2yq Details Vulnerabilities
140 Hardware Cisco IOS 12.2da Details Vulnerabilities
141 Hardware Cisco IOS 12.2se Details Vulnerabilities
142 Hardware Cisco IOS 12.2sxd Details Vulnerabilities
143 Hardware Cisco IOS 12.2b Details Vulnerabilities
144 Hardware Cisco IOS 12.2yf Details Vulnerabilities
145 Hardware Cisco IOS 12.2srb Details Vulnerabilities
146 Hardware Cisco IOS 12.2zh Details Vulnerabilities
147 Hardware Cisco IOS 12.2xo Details Vulnerabilities
148 Hardware Cisco IOS 12.2t Details Vulnerabilities
149 Hardware Cisco IOS 12.2yn Details Vulnerabilities
150 Hardware Cisco IOS 12.2ixf Details Vulnerabilities
151 Hardware Cisco IOS 12.2xl Details Vulnerabilities
152 Hardware Cisco IOS 12.2zg Details Vulnerabilities
153 Hardware Cisco IOS 12.2ex Details Vulnerabilities
154 Hardware Cisco IOS 12.2seg Details Vulnerabilities
155 Hardware Cisco IOS 12.2xa Details Vulnerabilities
156 Hardware Cisco IOS 12.2fz Details Vulnerabilities
157 Hardware Cisco IOS 12.2su Details Vulnerabilities
158 Hardware Cisco IOS 12.2xh Details Vulnerabilities
159 Hardware Cisco IOS 12.2xu Details Vulnerabilities
160 Hardware Cisco IOS 12.2yy Details Vulnerabilities
161 Hardware Cisco IOS 12.2sef Details Vulnerabilities
162 Hardware Cisco IOS 12.2s Details Vulnerabilities
163 Hardware Cisco IOS 12.2xv Details Vulnerabilities
164 Hardware Cisco IOS 12.2sb Details Vulnerabilities
165 Hardware Cisco IOS 12.2yp Details Vulnerabilities
166 Hardware Cisco IOS 12.2bz Details Vulnerabilities
167 Hardware Cisco IOS 12.2mb Details Vulnerabilities
168 Hardware Cisco IOS 12.2sxb Details Vulnerabilities
169 Hardware Cisco IOS 12.2 Details Vulnerabilities
170 Hardware Cisco IOS 12.2yd Details Vulnerabilities
171 Hardware Cisco IOS 12.2so Details Vulnerabilities
172 Hardware Cisco IOS 12.2zf Details Vulnerabilities
173 Hardware Cisco IOS 12.2sve Details Vulnerabilities
174 Hardware Cisco IOS 12.2mc Details Vulnerabilities
175 Hardware Cisco IOS 12.2ym Details Vulnerabilities
176 Hardware Cisco IOS 12.2ixe Details Vulnerabilities
177 Hardware Cisco IOS 12.2xk Details Vulnerabilities
178 Hardware Cisco IOS 12.2za Details Vulnerabilities
179 Hardware Cisco IOS 12.2ewa Details Vulnerabilities
180 Hardware Cisco IOS 12.2sed Details Vulnerabilities
181 Hardware Cisco IOS 12.2sz Details Vulnerabilities
182 Hardware Cisco IOS 12.2fy Details Vulnerabilities
183 Hardware Cisco IOS 12.2sra Details Vulnerabilities
184 Hardware Cisco IOS 12.2xg Details Vulnerabilities
185 Hardware Cisco IOS 12.2xt Details Vulnerabilities
186 Hardware Cisco IOS 12.2yw Details Vulnerabilities
187 Hardware Cisco IOS 12.2see Details Vulnerabilities
188 Hardware Cisco IOS 12.2xs Details Vulnerabilities
189 Hardware Cisco IOS 12.2yo Details Vulnerabilities
190 Hardware Cisco IOS 12.2bw Details Vulnerabilities
191 Hardware Cisco IOS 12.2ixd Details Vulnerabilities
192 Hardware Cisco IOS 12.2sxa Details Vulnerabilities
193 Hardware Cisco IOS 12.2yc Details Vulnerabilities
194 Hardware Cisco IOS 12.2sbc Details Vulnerabilities
195 Hardware Cisco IOS 12.2ze Details Vulnerabilities
196 Hardware Cisco IOS 12.2svd Details Vulnerabilities
197 Hardware Cisco IOS 12.2yl Details Vulnerabilities
198 Hardware Cisco IOS 12.2zp Details Vulnerabilities
199 Hardware Cisco IOS 12.2xf Details Vulnerabilities
200 Hardware Cisco IOS 12.2yz Details Vulnerabilities
201 Hardware Cisco IOS 12.2ew Details Vulnerabilities
202 Hardware Cisco IOS 12.2sec Details Vulnerabilities
203 Hardware Cisco IOS 12.2sy Details Vulnerabilities
204 Hardware Cisco IOS 12.2cz Details Vulnerabilities
205 Hardware Cisco IOS 12.2sm Details Vulnerabilities
206 Hardware Cisco IOS 12.2xe Details Vulnerabilities
207 Hardware Cisco IOS 12.2xm Details Vulnerabilities
208 Hardware Cisco IOS 12.2yv Details Vulnerabilities
209 Hardware Cisco IOS 12.2jk Details Vulnerabilities
210 Hardware Cisco IOS 12.2xr Details Vulnerabilities
211 Hardware Cisco IOS 12.2zya Details Vulnerabilities
212 Hardware Cisco IOS 12.2fx Details Vulnerabilities
213 Hardware Cisco IOS 12.3yd Details Vulnerabilities
214 Hardware Cisco IOS 12.3xi Details Vulnerabilities
215 Hardware Cisco IOS 12.3jea Details Vulnerabilities
216 Hardware Cisco IOS 12.3yf Details Vulnerabilities
217 Hardware Cisco IOS 12.3yk Details Vulnerabilities
218 Hardware Cisco IOS 12.3za Details Vulnerabilities
219 Hardware Cisco IOS 12.3xa Details Vulnerabilities
220 Hardware Cisco IOS 12.3jx Details Vulnerabilities
221 Hardware Cisco IOS 12.3xr Details Vulnerabilities
222 Hardware Cisco IOS 12.3yx Details Vulnerabilities
223 Hardware Cisco IOS 12.3ya Details Vulnerabilities
224 Hardware Cisco IOS 12.3xg Details Vulnerabilities
225 Hardware Cisco IOS 12.3bc Details Vulnerabilities
226 Hardware Cisco IOS 12.3ja Details Vulnerabilities
227 Hardware Cisco IOS 12.3xz Details Vulnerabilities
228 Hardware Cisco IOS 12.3yj Details Vulnerabilities
229 Hardware Cisco IOS 12.3xl Details Vulnerabilities
230 Hardware Cisco IOS 12.3va Details Vulnerabilities
231 Hardware Cisco IOS 12.3jl Details Vulnerabilities
232 Hardware Cisco IOS 12.3xq Details Vulnerabilities
233 Hardware Cisco IOS 12.3yt Details Vulnerabilities
234 Hardware Cisco IOS 12.3xy Details Vulnerabilities
235 Hardware Cisco IOS 12.3xe Details Vulnerabilities
236 Hardware Cisco IOS 12.3xu Details Vulnerabilities
237 Hardware Cisco IOS 12.3yi Details Vulnerabilities
238 Hardware Cisco IOS 12.3tpc Details Vulnerabilities
239 Hardware Cisco IOS 12.3jk Details Vulnerabilities
240 Hardware Cisco IOS 12.3ys Details Vulnerabilities
241 Hardware Cisco IOS 12.3t Details Vulnerabilities
242 Hardware Cisco IOS 12.3xx Details Vulnerabilities
243 Hardware Cisco IOS 12.3xd Details Vulnerabilities
244 Hardware Cisco IOS 12.3yh Details Vulnerabilities
245 Hardware Cisco IOS 12.3xk Details Vulnerabilities
246 Hardware Cisco IOS 12.3b Details Vulnerabilities
247 Hardware Cisco IOS 12.3jec Details Vulnerabilities
248 Hardware Cisco IOS 12.3yq Details Vulnerabilities
249 Hardware Cisco IOS 12.3xw Details Vulnerabilities
250 Hardware Cisco IOS 12.3bw Details Vulnerabilities
251 Hardware Cisco IOS 12.3xc Details Vulnerabilities
252 Hardware Cisco IOS 12.3yg Details Vulnerabilities
253 Hardware Cisco IOS 12.3 Details Vulnerabilities
254 Hardware Cisco IOS 12.3xj Details Vulnerabilities
255 Hardware Cisco IOS 12.3jeb Details Vulnerabilities
256 Hardware Cisco IOS 12.3yu Details Vulnerabilities
257 Hardware Cisco IOS 12.3ym Details Vulnerabilities
258 Hardware Cisco IOS 12.3yz Details Vulnerabilities
259 Hardware Cisco IOS 12.3xb Details Vulnerabilities
260 Hardware Cisco IOS 12.3xs Details Vulnerabilities
261 OS Cisco IOS 12.4jk Details Vulnerabilities
262 Hardware Cisco IOS 12.4xv Details Vulnerabilities
263 OS Cisco IOS 12.4jl Details Vulnerabilities
264 Hardware Cisco IOS 12.4xb Details Vulnerabilities
265 Hardware Cisco IOS 12.4xt Details Vulnerabilities
266 OS Cisco IOS 12.4md Details Vulnerabilities
267 Hardware Cisco IOS 12.4sw Details Vulnerabilities
268 Hardware Cisco IOS 12.4xw Details Vulnerabilities
269 Hardware Cisco IOS 12.4xa Details Vulnerabilities
270 Hardware Cisco IOS 12.4xk Details Vulnerabilities
271 OS Cisco IOS 12.4jma Details Vulnerabilities
272 Hardware Cisco IOS 12.4xp Details Vulnerabilities
273 OS Cisco IOS 12.4mr Details Vulnerabilities
274 Hardware Cisco IOS 12.4xg Details Vulnerabilities
275 Hardware Cisco IOS 12.4t Details Vulnerabilities
276 Hardware Cisco IOS 12.4xj Details Vulnerabilities
277 OS Cisco IOS 12.4jmb Details Vulnerabilities
278 Hardware Cisco IOS 12.4xd Details Vulnerabilities
279 OS Cisco IOS 12.4ja Details Vulnerabilities
280 Hardware Cisco IOS 12.4 Details Vulnerabilities
281 Hardware Cisco IOS 12.4xe Details Vulnerabilities
282 OS Cisco IOS 12.4jx Details Vulnerabilities
283 OS Cisco IOS 12.4jda Details Vulnerabilities
284 Hardware Cisco IOS 12.4xc Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Cisco IOS 275
Cisco IOS 9

- References For CVE-2008-3821

http://xforce.iss.net/xforce/xfdb/47947
XF cisco-ios-httpserver-ping-xss(47947)
http://www.securityfocus.com/bid/33260
BID 33260 Cisco IOS HTTP Server Multiple Cross Site Scripting Vulnerabilities Release Date:2009-06-19
http://www.securityfocus.com/archive/1/archive/1/500063/100/0/threaded
BUGTRAQ 20090114 PR08-19: XSS on Cisco IOS HTTP Server
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19
http://www.frsirt.com/english/advisories/2009/0138
VUPEN ADV-2009-0138
http://www.cisco.com/en/US/products/products_security_response09186a0080a5c501.html
CISCO 20090114 Cisco IOS Cross-Site Scripting Vulnerabilities
http://securitytracker.com/id?1021598
SECTRACK 1021598
http://securityreason.com/securityalert/4916
SREASON 4916
http://secunia.com/advisories/33461
SECUNIA 33461
http://osvdb.org/51394
OSVDB 51394
http://osvdb.org/51393
OSVDB 51393
http://jvn.jp/en/jp/JVN28344798/index.html
JVN JVN#28344798

- Metasploit Modules Related To CVE-2008-3821

There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.