Vulnerability CVE-2006-2501 - CERT Civis.Net

Vulnerability Name:

CVE-2006-2501 (CCN-26550)

Assigned:

2006-05-18

Published:

2006-05-18

Updated:

2017-07-20

Summary:

Cross-site scripting (XSS) vulnerability in Sun ONE Web Server 6.0 SP9 and earlier, Java System Web Server 6.1 SP4 and earlier, Sun ONE Application Server 7 Platform and Standard Edition Update 6 and earlier, and Java System Application Server 7 2004Q2 Standard and Enterprise Edition Update 2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving error messages.
This vulnerability is addressed in the following product releases:
Sun, ONE Web Server, 6.0 SP10 or later
Sun, Java System Web Server, 6.1 SP5 or later
Sun, ONE Application Server, 7.0 Platform Update 7 or later
Sun, ONE Application Server, 7.0 Standard Update 7 or later
Sun, Java System Application Server, 7.0 2004Q2 Standard Update 3 or later
Sun, Java System Application Server, 7.0 2004Q2 Enterprise Update 3 or later

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2006-2501

Source: JVN
Type: Patch
JVN#03D5EAA8

Source: CCN
Type: SA20147
Sun ONE/Java System Web Server Cross-Site Scripting

Source: SECUNIA
Type: Patch, Vendor Advisory
20147

Source: CCN
Type: SECTRACK ID: 1016125
Sun Java System Web Server Default Error Page Input Validation Hole PermitsCross-Site Scripting Attacks

Source: SECTRACK
Type: UNKNOWN
1016125

Source: CCN
Type: SECTRACK ID: 1016126
Sun Java Application Server Default Error Page Input Validation Hole Permits Cross-Site Scripting Attacks

Source: SECTRACK
Type: UNKNOWN
1016126

Source: CCN
Type: Sun Alert ID: 102164
Cross Site Scripting Vulnerability in Sun ONE and Sun Java System Applications

Source: SUNALERT
Type: Patch
102164

Source: CCN
Type: US-CERT VU#114956
Sun ONE and Sun Java System Applications vulnerable to cross-site scripting via default error page

Source: CERT-VN
Type: US Government Resource
VU#114956

Source: CCN
Type: OSVDB ID: 25634
Sun ONE/Java System Web Server Error Page XSS

Source: BID
Type: UNKNOWN
18035

Source: CCN
Type: BID-18035
Sun ONE and Sun Java System Applications Error Page Cross-Site Scripting Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-1866

Source: XF
Type: UNKNOWN
sun-java-system-xss(26550)

Source: XF
Type: UNKNOWN
sun-java-system-xss(26550)

Vulnerable Configuration:

Configuration 1:

cpe:/a:sun:java_system_application_server:*:ur2:enterprise:*:*:*:*:* (Version <= 7.0)

OR cpe:/a:sun:java_system_application_server:*:ur2:standard:*:*:*:*:* (Version <= 7.0)

OR cpe:/a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp1:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp2:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp3:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:*:sp4:*:*:*:*:*:* (Version <= 6.1)

OR cpe:/a:sun:one_application_server:6.0:*:*:*:*:*:*:*

OR cpe:/a:sun:one_application_server:6.0:sp1:*:*:*:*:*:*

OR cpe:/a:sun:one_application_server:6.0:sp2:*:*:*:*:*:*

OR cpe:/a:sun:one_application_server:7.0:*:platform:*:*:*:*:*

OR cpe:/a:sun:one_application_server:7.0:*:standard:*:*:*:*:*

OR cpe:/a:sun:one_application_server:*:update_6:platform:*:*:*:*:* (Version <= 7.0)

OR cpe:/a:sun:one_application_server:*:update_6:standard:*:*:*:*:* (Version <= 7.0)

OR cpe:/a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp7:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp8:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:*:sp9:*:*:*:*:*:* (Version <= 6.0)

Configuration CCN 1:

cpe:/a:sun:one_web_server:6.0:*:*:*:*:*:*:*

OR cpe:/a:sun:one_application_server:7.0::standard:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp1:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp2:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp3:*:*:*:*:*:*

OR cpe:/a:sun:java_system_web_server:6.1:sp4:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp4:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp5:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp9:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp8:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp7:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp3:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp2:*:*:*:*:*:*

OR cpe:/a:sun:one_web_server:6.0:sp1:*:*:*:*:*:*

OR cpe:/a:sun:one_application_server:7.0::platform:*:*:*:*:*

Denotes that component is vulnerable