OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: galiarept [security-corp] (galiarept_at_security-corp.org)
Date: Sun Jan 19 2003 - 14:57:23 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    .: Sambar Server Cross-Site Scripting vulnerability :.
    ________________________________________________________________________

    Security Corporation Security Advisory [SCSA-001]
    ________________________________________________________________________

    PROGRAM: Sambar Server
    HOMEPAGE: http://www.sambar.com/
    VULNERABLE VERSIONS: 5.3 and prior
    ________________________________________________________________________

    DESCRIPTION
    ________________________________________________________________________

    "Sambar Server is the new standard in high performance multi-functional
    servers with features rivaling other commercial products selling
    separately for several hundreds of dollars. It's Winsock2 compliant Win32
     integration functions on Windows 95, Windows 98, Windows NT, Win2000,
    and XP as a service or as an application."
    (direct quote from http://sambar.jalyn.net)

    DETAILS
    ________________________________________________________________________

    An exploitable bug was found on Sambar Server which cause javascript
    execution on client's computer by following a crafted url.

    This kind of attack known as "Cross-Site Scripting Vulnerability" is
    present in search section of the web site, anyone can input specially
    crafted links and/or other malicious scripts.

    EXPLOITS
    ________________________________________________________________________

    http://localhost/search/results.stm?query=>alert('Test%20of%20vulnera
    bility');</script>

    SOLUTIONS
    ________________________________________________________________________

    No solution for the moment.

    VENDOR STATUS
    ________________________________________________________________________

    Sambar has been contacted.

    ------------------------------------------------------------------
    Grégory Le Bras aka GaLiaRePt |     http://www.Security-Corp.org
    ------------------------------------------------------------------

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html