OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
One more flaw in Happymall

From: Julio Cesar (e2fsckbol.com.br)
Date: Mon May 12 2003 - 11:19:49 CDT


Happymall E-Commerce Directory Transversal Bug and Cross-site scripting

Vendor: Happycgi.com

Product: Happymall

Versions: 4.3, 4.4 (patched version too)

'normal_html.cgi' doesn't filter user-supplied input. The well-known
directory transversal
and cross-site scripting (XSS) vulnerabilities are present in Happymall
(patched version too).

The impact is that attackers can read files on the system and use XSS
tricks to steal
cookies and other informations.

An example: /shop/normal_html.cgi?file=../../../../../../etc/issue%00
            /shop/normal_html.cgi?file=<script>alert("XSS")</script>

Even happycgi.com is vulnerable to these bugs.

Solution: I have contacted CERTCC-KR.

Greetings: y0Rk, iplogd, rfds, VUGO, psaux, romer, cronus, Sh0dan, jo3y_,
psyc, Red_Hat BoLoDoRio, c7g, C0VER, SaintsLD, sarkastics, B_Real and
#xcorp BRASNet :)

Julio "e2fsck" Cesar, <e2fsckbol.com.br>
e2fsck irc.brasnet.org

                                san dimas high school football rules