Network Security Vuln-Dev

Antville 1.1 Cross Site Scripting

Subject: Antville 1.1 Cross Site Scripting
Date: Wed, 09 Nov 2005 17:50:30 +0100

SA0004

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++         Antville 1.1 Cross Site Scripting         +++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


PUBLISHED ON
  Nov 09, 2005


PUBLISHED AT
  http://moritz-naumann.com/adv/0004/antvxss/0004.txt
  http://moritz-naumann.com/adv/0004/antvxss/0004.txt.sig


PUBLISHED BY
  Moritz Naumann IT Consulting & Services
  Hamburg, Germany
  http://moritz-naumann.com/

  info AT moritz HYPHON naumann D0T com
  GPG key: http://moritz-naumann.com/keys/0x277F060C.asc


AFFECTED APPLICATION OR SERVICE
  Antville
  http://www.antville.org/


AFFECTED VERSION
  Version 1.1
  Possibly versions 1.0 and lower (untested)


BACKGROUND
  Everybody knows XSS.
  http://en.wikipedia.org/wiki/XSS
  http://www.cgisecurity.net/articles/xss-faq.shtml


ISSUE
  An XSS vulnerability has been detected in Antville. The
  problem is caused by insufficient input sanitization.

  By making a victim visit a specially crafted URL, it is
  possible to inject client-side scripting (such as
  JavaScript) and HTML, which will be executed or rendered
  in the victim's browser.

  The following URL demonstrates this issue:
    [antville_basepath]/project/<script>alert('XSS');</script>

  This may not be easily exploitable for cookie/session
  stealing attacks, because the session is locked to the
  client's IP address.
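  The following is an added illustration, not Antville's own code: a
  minimal handler that reflects the path segment after /project/ into an
  HTML response, first in the unsafe form the advisory describes and then
  with output encoding applied. Helper names and the sample request paths
  are constructed for this example.

```javascript
// Encode the five characters that can break out of an HTML text or
// attribute context. Encoding at output time is the fix, whatever the
// input looked like.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Extract the segment after "/project/" as a server would see it after
// percent-decoding. Malformed encoding is rejected, not passed through.
// Hypothetical helper; real frameworks decode the path for you.
function projectSegment(path) {
  const m = /^\/project\/([^?#]*)/.exec(path);
  if (!m) return null;
  try {
    return decodeURIComponent(m[1]);
  } catch (e) {
    return null; // URIError: malformed percent-encoding
  }
}

// Vulnerable rendering: the segment is concatenated into markup verbatim,
// so a crafted path becomes live script in the victim's browser.
function renderUnsafe(path) {
  const seg = projectSegment(path);
  return `<h1>Project ${seg} not found</h1>`;
}

// Hardened rendering: same template, but the segment is HTML-encoded and
// an undecodable path gets a fixed error page instead of an echo.
function renderSafe(path) {
  const seg = projectSegment(path);
  if (seg === null) return '<h1>Bad request</h1>';
  return `<h1>Project ${escapeHtml(seg)} not found</h1>`;
}

// Constructed request paths mirroring the advisory's demonstration URL,
// once literal and once percent-encoded as a browser would send it.
const CRAFTED = "/project/<script>alert('XSS');</script>";
const ENCODED = "/project/%3Cscript%3Ealert('XSS');%3C/script%3E";
```

  Both paths decode to the same segment, so the encoded form is the one a
  detection rule on access logs should expect to see.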


WORKAROUND
  Client: Disable Javascript.
  Server: Prevent access to the Antville installation.


SOLUTIONS
  There does not seem to be a patch available. Our attempts
  to contact the developers were unsuccessful.


TIMELINE
  Sep 19, 2005  Discovery
  Sep 19, 2005  Code maintainer notification
  Sep 29, 2005  Another code maintainer notification
  Nov 09, 2005  Public disclosure


REFERENCES
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3530


ADDITIONAL CREDIT
  N/A


LICENSE
  Creative Commons Attribution-ShareAlike License Germany
  http://creativecommons.org/licenses/by-sa/2.0/de/


