Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [DSECRG-08-007] OpenBSD BGPD daemon Web Interface XSS.

from [Digital Security Research Group] Network Security [Permanent Link]
Subject: Re: [DSECRG-08-007] OpenBSD BGPD daemon Web Interface XSS.
Date: Thu, 31 Jan 2008 20:19:04 +0300 
version 4.2 is NOT affected, please alter it in advisory
http://secunia.com/advisories/28726/  and others.


Vendor  fix this flaw in cvs on 10.10.2007.
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c

Updated version OpenBSD 4.2 which was released Nov 1, 2007 is NOT
vulnerable.






[#DSECRG-08-007] Digital Security Research Group [DSecRG] Advisory




Application:                    OpenBSD BGPD daemon
Versions Affected:              OpenBSD 4.1 
Vendor URL:                     http://openbsd.org
Bugs:                           XSS
Exploits:                       YES
Reported:                       10.10.2007
Vendor response:                10.10.2007
Date of Public Advisory:        31.01.2008
Authors:                        Alexandr Polyakov, Anton Karpov
                                Digital Security Research Group
[DSecRG] (research [at] dsec [dot] ru)





Description
***********



OpenBSD BGPD daemon Web Interface has XSS  vulnerability




History
********



http://www.mail-archive.com/misc@openbsd.org/msg49057.html






Details
*******




Linked XSS vulnerability found in script /cgi-bin/bgplg attacker can inject 
XSS in parameter cmd



Example:




http://[server]/cgi-bin/bgplg?cmd=shov+version<script>alert('DSecRG 
XSS')</script>




Fix Information
***************



Vendor fix this flaw in cvs on 10.10.2007. Updated
version OpenBSD 4.2 which was released Nov 1, 2007. can be downloaded here:



http://openbsd.org





About
*****



Digital Security is leading IT security company in Russia,
providing information security consulting, audit and penetration
testing services, risk analysis and ISMS-related services and
certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital
Security Research Group focuses on web application and database
security problems with vulnerability reports, advisories and
whitepapers posted regularly on our website.




Contact:        research [at] dsec [dot] ru
                http://www.dsec.ru (in Russian)









-- 
С уважением,
  Digital Security Research Group                           
mailto:alexandr.polyakov@dsec.ru
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Attackers can SkypeFind you, avivra
Next by Date:  sflog! 0.96 remote file disclosure vulnerabilities, muuratsalo experimental hack lab
Previous by Thread:  [DSECRG-08-007] OpenBSD BGPD daemon Web Interface XSS., Digital Security Research Group
Next by Thread:  [waraxe-2008-SA#066] - Multiple Vulnerabilities in Coppermine 1.4.14, come2waraxe
Indexes:  [Date] [Thread] [Top] [All Lists]