Intrusion Prevention

CGI.Sun.Cobalt.RAQ4Server.Vuln

Description

This indicates an attempt to exploit a cross site scripting vulnerability in Sun Cobalt RAQ4Server.
There are several vulnerabilities in the Sun Cobalt RAQ4Server. They are a result of a lack of input validation the service.cgi, search.cgi and alert.cgi scripts. Successful exploitation could lead to a Denial of Service or the execution of arbitrary code.

Affected Products

Cobalt RaQ 4.0, Cobalt RaQ 3.0 and Cobalt RaQ 2.0

Impact

System compromise: remote code execution.
Denial of service.

Recommended Actions

Apply the appropriate patch from the vendor or upgrade to non-vulnerable version.

CVE References

CVE-2002-0346