From: Stuart Moore (smooresecurityglobal.net)
Date: Fri May 10 2002 - 18:37:00 CDT

    This e-mail is to provide the correct CVE Candidate Number for the
    vulnerability mentioned below.

    The correct CVE Number is: CAN-2002-0375.

    The referenced SecurityTracker report contains the correct number -- it
    was just my e-mail that contained the error. My apologies for the
    cut-n-paste goof and thanks to Steve Christey for pointing this out.

    Stuart

    > Hi,
    >
    > On April 17, 2002, frog-mn posted a message to vuln-dev with a note
    > about a cross-site scripting bug in a script called Sgdynamo. See:
    >
    > http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0155.html
    > http://www.ifrance.com/kitetoua/tuto/5holes1.txt
    >
    > The vendor has since released a fix. I've included a brief extract from
    > http://securitytracker.com/alerts/2002/May/1004257.html with the
    > essential details, including information from the vendor on how to obtain a
    > fix. CVE number is CAN-2002-0356. <<< This is the wrong number!
    >
    > Stuart
    >
    > ------------------------------------------------------------------------
    > Ecometry's SGDynamo Web Application Engine Allows Remote Users to
    > Conduct Cross-Site Scripting Attacks
    > ------------------------------------------------------------------------
    >
    > [Description]:
    >
    > A vulnerability was reported in Ecometry's SGDynamo web application
    > engine. A remote user can conduct cross-site scripting attacks against
    > users of web sites running SGDynamo.
    >
    > The 'sgdynamo.exe' script will display user-supplied data when a URL
    > error is encountered. The data is displayed without being properly
    > escaped.
    >
    > This vulnerability was recently reported by frog-mn on the following
    > web site:
    >
    > http://www.ifrance.com/kitetoua/tuto/5holes1.txt
    >
    > In that post, frog-mn indicated that the following type of URL could
    > be used to cause the server to display the user-supplied script code:
    >
    > http://[targethost]/sgdynamo.exe?HTNAME=<script>SCRIPT</script>
    >
    > A remote user could create HTML containing malicious scripting that,
    > when loaded by a target (victim) user, would cause the target user's
    > browser to execute the scripting. The code would appear to originate
    > from the web site running the Ecometry software and would run in the
    > security context of that site. As a result, the code could access the
    > target user's cookies associated with that web site.
    >
    > [Editor's notes: Ecometry was formerly known as Smith-Gardner. Also,
    > thanks to Krissy for her help on this, to Bryan Ecometry for his
    > cooperation, and of course to frog-mn who discovered the flaw.
    > Finally, the vendor was very quick to fix this flaw once notified.]
    >
    >
    > [Impact Summary]:
    >
    > Disclosure of authentication information, Execution of arbitrary code
    > via network
    >
    >
    > [Impact Text]:
    >
    > A remote user could access another user's cookies associated with the
    > site running 'sgdynamo.exe'.
    >
    >
    > [Solution]:
    >
    > The vendor has released a fix for versions 5.32T and above (5.32U,
    > 6.1, 7.00). Customers should call their Ecometry Customer Support Rep
    > in order to obtain the fixed code. Customers should reference Job #
    > 181625-01 when requesting the code.
    >
    > ------------------------------------------------------------------------
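
The following is an added example, not part of the original post or the vendor's fix. It flags web-server log requests to sgdynamo.exe whose HTNAME value decodes to markup, and shows the output escaping the advisory says was missing. The log format, sample lines, function names and error-page wording are assumptions made for illustration.

```python
import html
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines for illustration; not from the advisory.
SAMPLE_LOG = """\
192.0.2.10 - - [10/May/2002:18:01:02 -0500] "GET /sgdynamo.exe?HTNAME=catalog.htm HTTP/1.0" 200 5120
192.0.2.44 - - [10/May/2002:18:03:17 -0500] "GET /sgdynamo.exe?HTNAME=%3Cscript%3ESCRIPT%3C/script%3E HTTP/1.0" 200 412
192.0.2.45 - - [10/May/2002:18:04:40 -0500] "GET /sgdynamo.exe?HTNAME=%253Cscript%253ESCRIPT%253C/script%253E HTTP/1.0" 200 398
192.0.2.46 - - [10/May/2002:18:05:00 -0500] "GET /index.html?q=%3Cb%3E HTTP/1.0" 200 900
"""

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MARKUP_RE = re.compile(r"""[<>"']""")  # characters that must not reach HTML unescaped

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded markup is not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_htname(line):
    """Return the decoded HTNAME value if it carries markup, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith("/sgdynamo.exe"):
        return None
    for value in parse_qs(target.query).get("HTNAME", []):
        value = fully_decode(value)
        if MARKUP_RE.search(value):
            return value
    return None

def scan(log_text):
    """List (client address, decoded value) for every flagged request."""
    hits = ((line.split()[0], suspicious_htname(line)) for line in log_text.splitlines())
    return [(ip, value) for ip, value in hits if value is not None]

def render_error(htname):
    """Hypothetical error page that escapes HTNAME before echoing it."""
    return "<p>Cannot open: " + html.escape(htname, quote=True) + "</p>"

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```
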