
| Subject: | SPIDynamics WebInspect Cross-Application Scripting (XAS) |
|---|---|
| Date: | Thu, 28 Jul 2005 19:58:37 -0400 |
SPI Dynamics Security Bulletin SPI-0001-07282005
Issue: Potential WebInspect Cross Application Scripting (XAS) Vulnerability
Severity: Low
Potential Impact: Remote Code Execution
Recommendation: All customers should run SmartUpdate to ensure they are running the latest version of WebInspect (5.5.386 or later).
Affected Software: WebInspect 5.0.196
Non-Affected Software: WebInspect 5.5, QAInspect (all versions), DevInspect (all versions), SecureObjects (all versions), AMP (all versions)
Description: SPI Dynamics has investigated a public report of a Cross Application Scripting (XAS) vulnerability in WebInspect. We have verified that WebInspect 5.5 (released May 16th, 2005) is not vulnerable; WebInspect version 5.0.196, however, was susceptible. We recommend that all customers upgrade to WebInspect 5.5, which can be done automatically at any time by running SmartUpdate.
Background: Cross application scripting (XAS) occurs when an application executes data in a security context different from the one the content originated in, typically a more privileged one with fewer security restrictions. For example, data obtained from an untrusted source (a remote web server) is passed unfiltered into a trusted application, as when web content is downloaded from a remote server and then re-displayed on the local host. Any application that downloads web content and later displays and executes it (JavaScript, for instance) may be vulnerable to XAS.
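The pattern described above, as an added example that is not part of the SPI Dynamics bulletin and not WebInspect's own code: a minimal scanner report generator that splices a target's raw HTTP response into a locally viewed HTML report (the XAS sink), beside a hardened version that HTML-escapes the response and adds a Content-Security-Policy, plus a parser-based check that flags any script element, inline event handler or javascript: URL surviving into the generated report. The response body, target URL and function names are constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Constructed sample, not a payload from the bulletin: the body a hostile
# target server could return to a scanner. It carries a <script> block and an
# inline event handler; the ActiveX call illustrates why execution in a local,
# trusted rendering context (rather than the remote site's) matters.
MALICIOUS_RESPONSE = (
    "<html><body><h1>Welcome</h1>"
    "<script>new ActiveXObject('WScript.Shell').Run('calc.exe')</script>"
    '<img src=x onerror="alert(document.domain)">'
    "</body></html>"
)

TARGET_URL = "http://target.example/"  # constructed


def render_report_unsafe(url: str, body: str) -> str:
    """Vulnerable pattern: the raw response body is spliced straight into the
    report. Whatever markup or script the remote server sent now runs in the
    report viewer's local, trusted context: the XAS condition described above.
    """
    return (
        "<html><body>"
        f"<h2>Response from {url}</h2>"
        f"<div class='response'>{body}</div>"
        "</body></html>"
    )


def render_report_safe(url: str, body: str) -> str:
    """Hardened pattern: untrusted text is HTML-escaped before insertion and
    wrapped in <pre>, so the viewer shows the target's markup as text instead
    of interpreting it. A Content-Security-Policy meta tag forbidding script
    is a second layer in case escaping is missed elsewhere in the report.
    """
    return (
        "<html><head>"
        '<meta http-equiv="Content-Security-Policy" '
        "content=\"default-src 'none'; style-src 'self'\">"
        "</head><body>"
        f"<h2>Response from {html.escape(url, quote=True)}</h2>"
        f"<pre class='response'>{html.escape(body, quote=True)}</pre>"
        "</body></html>"
    )


class ActiveContentFinder(HTMLParser):
    """Walks the generated report as a browser would and records anything that
    would execute: <script> elements, on* event-handler attributes and
    javascript: URLs. Escaped text never reaches handle_starttag, so the check
    ignores payload text that is merely displayed.
    """

    def __init__(self) -> None:
        super().__init__()
        self.findings: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script tag")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"{tag}@{name}")
            elif (name in ("src", "href") and value
                  and value.strip().lower().startswith("javascript:")):
                self.findings.append(f"{tag}@{name}=javascript:")


def find_active_content(report_html: str) -> list[str]:
    """Return the executable constructs found in a rendered report; an empty
    list means nothing the viewer would run survived into the output."""
    finder = ActiveContentFinder()
    finder.feed(report_html)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for label, render in (("unsafe", render_report_unsafe), ("safe", render_report_safe)):
        report = render(TARGET_URL, MALICIOUS_RESPONSE)
        print(f"{label}: {find_active_content(report) or 'no active content'}")
```

The check is deliberately a parser, not a regex: after escaping, the string `onerror=` is still present in the safe report as displayed text, and a naive substring match would report a false positive. Only attributes the HTML parser actually attaches to an element count as active content, which is also what the viewer would execute.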
Disclosure Timeline:
April 15, 2005 08:01 AM – Initial disclosure to SPI Dynamics
April 15, 2005 09:28 AM – Initial SPI Dynamics response
July 26, 2005 04:45 AM – Public posting of disclosure (not coordinated with SPI Dynamics)
Acknowledgements: SPI Dynamics wishes to thank Sergey V. Gordeychik for informing us of this vulnerability.
Disclaimer: The information provided in this bulletin is provided "as is" without warranty of any kind. SPI Dynamics, Inc. disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall SPI Dynamics, Inc. or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if SPI Dynamics, Inc. or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Revisions:
V1.0 (July 27, 2005): Internal Release
V1.1 (July 28, 2005): Bulletin published
Contact: Security issues and questions related to security bulletins may be sent to SPI Dynamics at security-alert@spidynamics.com