Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

VHCS 2.x HTTP Error Cross Site Scripting

from [Moritz Naumann] Network Security [Permanent Link]
Subject: VHCS 2.x HTTP Error Cross Site Scripting
Date: Tue, 22 Nov 2005 22:11:26 +0100 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


SA0006

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++     VHCS 2.x HTTP Error Cross Site Scripting      +++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


PUBLISHED ON
  Nov 22, 2005


PUBLISHED AT
  http://moritz-naumann.com/adv/0006/vhcsxss/0006.txt
  http://moritz-naumann.com/adv/0006/vhcsxss/0006.txt.sig


PUBLISHED BY
  Moritz Naumann IT Consulting & Services
  Hamburg, Germany
  http://moritz-naumann.com/

  SECURITY at MORITZ hyphon NAUMANN d0t COM
  GPG key: http://moritz-naumann.com/keys/0x277F060C.asc


AFFECTED APPLICATION OR SERVICE
  VHCS
  http://www.vhcs.net/

  VHCS, the Virtual Hosting Control System, is a virtual
  hosting management application.



AFFECTED VERSIONS
  Version 2.2.0 up to and including 2.4.6.2


BACKGROUND
  Cross Site Scripting, also known as XSS or CSS, describes
  the injection of malicious content into output produced
  by a web application. A common attack vector is the
  inclusion of arbitrary client side script code into the
  applications' output. Failure to completely sanitize user
  input from malicious content causes a web application
  to be vulnerable to Cross Site Scripting.

  http://en.wikipedia.org/wiki/XSS
  http://www.cgisecurity.net/articles/xss-faq.shtml


ISSUE
  VHCS is subject to a XSS vulnerability on its HTTP error
  messages. This issue is caused by lack of input sanitation
  in vhcs/gui/errordocs/index.php which returns unfiltered
  web server environment variables.

  Successful exploitation may allow for impersonification
  through session stealing attacks.

  The following URL demonstrates this issue:

[vhcs_basedir]/dev/inputvalidation%3Cscript%3Ealert(window.location.hash)%3B%3C/script%3E#XSS


WORKAROUND
  Client: Disable Javascript.
  Server: Prevent access to vulnerable file(s).


SOLUTIONS
  Moritz Naumann IT Consulting & Services has crafted a
  unified diff patch against VHCS 2.4.6.2 which is available at
    http://moritz-naumann.com/adv/0006/vhcsxss/patch/index.php.diff

  VHCS developers may provide a fix in the 2.6 release. A release
  date is not currently set.


TIMELINE
  Oct 06, 2005  Discovery
  Oct 06, 2005  Code maintainer notified
  Oct 06, 2005  Code maintainer replies
  Nov 22, 2005  Public disclosure


REFERENCES
  N/A


ADDITIONAL CREDIT
  N/A


LICENSE
  Creative Commons Attribution-ShareAlike License Germany
  http://creativecommons.org/licenses/by-sa/2.0/de/



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDg4l+n6GkvSd/BgwRAnhcAKCEfl0VO/XNXvL9ltSkJzWMBnsGxwCdE269
2TBoq12ltOuH467cZqOUy1k=
=IIUA
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Re: Your One-Stop Site For Sony Lawsuit Info, Anonymous Squirrel
Next by Date:  [Full-disclosure] [ GLSA 200511-18 ] phpSysInfo: Multiple vulnerabilities, Sune Kloppenborg Jeppesen
Previous by Thread:  [KAPDA::#14] - PHPPost XSS and HTML Injection, alireza hassani
Next by Thread:  Re: VHCS 2.x HTTP Error Cross Site Scripting, Moritz Naumann
Indexes:  [Date] [Thread] [Top] [All Lists]