Vulnerability Name:

CVE-2008-1502 (CCN-41435)

Assigned:2008-03-19
Published:2008-03-19
Updated:2020-12-01
Summary:The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2008-1502

Source: CONFIRM
Type: Patch, Vendor Advisory
http://docs.moodle.org/en/Release_Notes#Moodle_1.8.5

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:015

Source: CCN
Type: SA29491
eGroupWare HTML Filter Bypass Vulnerability

Source: SECUNIA
Type: Vendor Advisory
29491

Source: SECUNIA
Type: Vendor Advisory
30073

Source: CCN
Type: SA30986
Moodle KSES HTML Filter Bypass Vulnerability

Source: SECUNIA
Type: Vendor Advisory
30986

Source: CCN
Type: SA31017
Moodle KSES HTML Filter Bypass Vulnerability

Source: SECUNIA
Type: Vendor Advisory
31017

Source: SECUNIA
Type: Vendor Advisory
31018

Source: SECUNIA
Type: UNKNOWN
31167

Source: SECUNIA
Type: Vendor Advisory
32400

Source: SECUNIA
Type: Vendor Advisory
32446

Source: DEBIAN
Type: Patch
DSA-1691

Source: DEBIAN
Type: UNKNOWN
DSA-1871

Source: DEBIAN
Type: DSA-1691
moodle -- several vulnerabilities

Source: DEBIAN
Type: DSA-1871
wordpress -- several vulnerabilities

Source: CCN
Type: eGroupWare Web site
eGroupWare

Source: CONFIRM
Type: UNKNOWN
http://www.egroupware.org/changelog

Source: MISC
Type: Exploit
http://www.egroupware.org/viewvc/branches/1.4/phpgwapi/inc/class.kses.inc.php?r1=23625&r2=25110&pathrev=25110

Source: CCN
Type: eGroupWare Changelog, Wed Mar 19 11:10:17 2008 UTC
View of /branches/1.4/phpgwapi/inc/class.kses.inc.php

Source: CCN
Type: GLSA-200805-04
eGroupWare: Multiple vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200805-04

Source: MLIST
Type: UNKNOWN
[oss-security] 20080708 Re: CVE request: moodle xss in < 1.8.5

Source: CCN
Type: OSVDB ID: 43677
KSES class.kses.inc.php _bad_protocol_once() Function HTML Filter Bypass

Source: CCN
Type: OSVDB ID: 47977
KSES lib/kses.php kses_bad_protocol_once Function Arbitrary PHP Code Execution

Source: BID
Type: Patch
28424

Source: CCN
Type: BID-28424
RETIRED: eGroupWare '_bad_protocol_once()' HTML Security Bypass Vulnerability

Source: CCN
Type: BID-28599
kses Multiple Input Validation Vulnerabilities

Source: CCN
Type: USN-658-1
Moodle vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2008-0989

Source: XF
Type: UNKNOWN
egroupware-badprotocolonce-security-bypass(41435)

Source: XF
Type: UNKNOWN
egroupware-badprotocolonce-security-bypass(41435)

Source: UBUNTU
Type: UNKNOWN
USN-658-1

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-6226

Source: SUSE
Type: SUSE-SR:2008:015
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.7:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.5.0:beta:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:*:*:*:*:*:*:*:* (Version <= 1.8.4)
  • OR cpe:/a:moodle:moodle:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.5:-:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.6:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.4.001:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.2.106-2:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:moodle:moodle:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:egroupware:egroupware:*:*:*:*:*:*:*:* (Version <= 1.4.002)

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:17657
    P
    		USN-658-1 -- moodle vulnerability
    2014-06-30
    oval:org.mitre.oval:def:20060
    P
    		DSA-1691-1 moodle - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:12947
    P
    		DSA-1871-2 wordpress -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:13072
    P
    		DSA-1871-1 wordpress -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7939
    P
    		DSA-1691 moodle -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8072
    P
    		DSA-1871 wordpress -- several vulnerabilities
    2014-06-23
    oval:org.opensuse.security:def:20081502
    V
    		CVE-2008-1502
    2012-11-01
    oval:org.debian:def:1871
    V
    		several vulnerabilities
    2009-08-23
    oval:org.debian:def:1691
    V
    		several vulnerabilities
    2008-12-22
    BACK
    moodle moodle 1.8.1
    moodle moodle 1.6.7
    moodle moodle 1.5.0 beta
    moodle moodle 1.5.3
    moodle moodle 1.4.2
    moodle moodle 1.4.1
    moodle moodle 1.2.0
    moodle moodle 1.1.1
    moodle moodle *
    moodle moodle 1.7.4
    moodle moodle 1.7.3
    moodle moodle 1.6.4
    moodle moodle 1.6.3
    moodle moodle 1.6.2
    moodle moodle 1.5
    moodle moodle 1.4.5
    moodle moodle 1.3.2
    moodle moodle 1.3.1
    egroupware egroupware 1.0.3
    egroupware egroupware 1.0.1
    moodle moodle 1.7.6
    moodle moodle 1.7.5
    moodle moodle 1.6.6
    moodle moodle 1.6.5
    moodle moodle 1.5.2
    moodle moodle 1.5.1
    moodle moodle 1.3.4
    moodle moodle 1.3.3
    egroupware egroupware 1.4.001
    egroupware egroupware 1.2.106-2
    egroupware egroupware 1.0.6
    moodle moodle 1.8.3
    moodle moodle 1.8.2
    moodle moodle 1.7.2
    moodle moodle 1.7.1
    moodle moodle 1.6.1
    moodle moodle 1.6.0
    moodle moodle 1.4.4
    moodle moodle 1.4.3
    moodle moodle 1.3.0
    moodle moodle 1.2.1
    egroupware egroupware 1.0
    egroupware egroupware *