Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability

from [ozkan . aziz] Network Security [Permanent Link]
Subject: Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability
Date: 29 Sep 2006 19:41:34 -0000 
Whitehat.org.uk Advisory (1)

Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability

Vulnerability Type: Active code injection (XSS)

Problem Discovered: 14 September 2006
Vendor Contacted: 14 September 2006
Advisory Published: 29 September 2006

Abstract:
Mercury SiteScope is an agentless system monitoring solution designed to ensure 
the availability and performance of distributed IT infrastructures available on 
the Microsoft Windows Server platform as well as others.

Description:
User supplied HTML code is executed by the sitescope.

Technical Details:

Mercury sitescope 8.2 does not correctly validate user submitted input, making 
it possible to execute user submitted code by the sitescope web engine.

1) With the exception of "create new group name", any field create name field 
was susceptible to exploitation.
2) Any "description" field was susceptible to exploitation.

Additional Issues: 
Attempting to inject HTML code in the "new monitor description" field resulted 
in a loss of connectivity to the classic interface.

Workaround:
None at present - This may be considered a low risk issue as the user will need 
to be authenticated in order inject the maliciuos code, however, this attack 
vector could leveraged to steal session information. The vendor has been 
notified, however, has been non-responsive.

Tested Versions:
Mercury Sitescope 8.2 on Windows 2003 server - avaliable from 
http://www.mercury.com

Credits: Ozkan Aziz

Greetings: Gyan (dude), Varun :) , Gerald (Wheeey), Chitt (eCrimes)

Disclaimer:
This advisory intended to be informational. No responsibility is taken for its 
misuse.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Mercury SiteScope 8.2 (8.1.2.0) Cross Site Scripting (XSS) Vulnerability, ozkan . aziz <=
Previous by Date:  rPSA-2006-0176-1 openldap openldap-clients openldap-servers, rPath Update Announcements
Next by Date:  [Full-disclosure] setSlice exploited in the wild - massively, Gadi Evron
Previous by Thread:  rPSA-2006-0176-1 openldap openldap-clients openldap-servers, rPath Update Announcements
Next by Thread:  [Full-disclosure] setSlice exploited in the wild - massively, Gadi Evron
Indexes:  [Date] [Thread] [Top] [All Lists]