OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Daniel Nyström (excenetwinder.nu)
Date: Fri Apr 19 2002 - 01:48:24 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Telhack 026 Inc. Security Advisory - #2
    _________________________________________

    Name: IcrediBB 1.1 (iBB Beta 1.1)
    Impact: Medium (Cross Site Scripting)
    Date: April 19 / 2002
    _________________________________________

    Daniel Nyström <excenetwinder.nu>

    _I N F O_
    IcrediBB is a web BB. PHP powered, MySQL backend. Quick as well as
    easy on the server's resources. Vendor has been notified of all issues
    discussed.
    vendor is at: http://www.icredibb.com , and the package used for
    experimentation
    was icredi1-1.tar.gz found at http://www.sourceforge.net -> icredibb .

    _P R O B L E M_
    A Cross Site Scripting has been found due to insufficient checking of user
    input
    in both thread title and body. Therefore a user may post a message
    containing
    hostile javascript for example.

    _I M P A C T_
    Medium, as stealing of cookies is possible and probably you can mess up alot
    of
    things in MSIE * with evil javascript.

    _E X P L O I T I N G_
    Post a message containing:
    <script>alert('Cross Site Scripting possible');</script>
    in either the subject line or the message body. When users view the
    forum(subject vuln)
    or the post(body vuln) the javascript will be executed.

    _F I X E S_
    This vulnerability exist because of improper checking of user input. Suggest
    vendor filter
    out bad HTML and release new vesion.

    /Daniel Nyström a.k.a. excE Telhack 026 Inc.

    http://excelsi0r.darktech.org
    http://www.telhack.com