

Apache Geronimo 1.0 - CSS and persistent HTML-Injection


Subject: Apache Geronimo 1.0 - CSS and persistent HTML-Injection
        vulnerabilities
From: oliver karow <oliver.karow@gmx.de.>
To: [email protected]
Date: Sun, 15 Jan 2006 19:12:58 +0100
Message-Id: <1137348779.7430.7.camel@localhost.>


Apache Geronimo 1.0 - CSS and persistent HTML-Injection vulnerabilities

Product:
========
Apache Geronimo is the J2EE server project of the Apache Software Foundation.

Version:
========
Apache Geronimo 1.0, Jetty 5.1.9

Vulnerabilities
===============
The first one is a classical cross-site scripting in the jsp-examples:

http://10.10.10.10:8080/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script>

The second one is a persistent html-/script-Injection vulnerability which is a little more critical than the first one:

The Web-Access-Log viewer does no filtering for html-/script-tags, and therefore allows attacks against the user of the admin-console.

For example the request:

http://10.10.10.10:8080/script-that-dont-has-to-exist.jsp?foobar="/><script>alert(document.cookie)</script>

is stored without sanitizing inside the logfile and the script part is executed if the geronimo-admin is accessing the web-access-log-viewer.

An example attack can steal the current session-id of the admin, which is stored as a cookie.

Vendor:
=======
URL: http://geronimo.apache.org
Bug: http://issues.apache.org/jira/browse/GERONIMO-1474
Fix: Upgrade to version 1.0.1 or 1.1

Discovered
==========
Oliver Karow
www.oliverkarow.de/research/geronimo_css.txt
13.01.2005
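The following is an added example, not part of the original advisory and not Geronimo's code: a minimal sketch of the output encoding a log viewer needs so that stored request text is displayed as data instead of being parsed as markup. The class and method names are hypothetical, and the log lines are constructed samples that reuse the request shown in the advisory.

```java
import java.util.List;

// Added example: HTML-encode access-log lines before a log viewer renders them.
public class LogViewerEncoding {

    // Encode the characters that can change the HTML parsing context.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:
                    // Assumption: one log entry per table row, so control
                    // characters other than tab are dropped.
                    if (c >= 0x20 || c == '\t') out.append(c);
            }
        }
        return out.toString();
    }

    // Behaviour the advisory describes: log text is placed into markup verbatim.
    static String renderRowUnsafe(String logLine) {
        return "<tr><td>" + logLine + "</td></tr>";
    }

    // Corrected form: every log line is encoded at the point of output.
    static String renderRowSafe(String logLine) {
        return "<tr><td>" + escapeHtml(logLine) + "</td></tr>";
    }

    public static void main(String[] args) {
        // Constructed sample entries; the second carries the advisory's query string.
        List<String> lines = List.of(
            "10.10.10.20 - - [15/Jan/2006:19:00:01 +0100] \"GET /index.jsp HTTP/1.1\" 200 512",
            "10.10.10.20 - - [15/Jan/2006:19:00:07 +0100] \"GET /script-that-dont-has-to-exist.jsp"
                + "?foobar=\"/><script>alert(document.cookie)</script> HTTP/1.1\" 404 0");
        for (String line : lines) {
            System.out.println("unsafe has <script>: " + renderRowUnsafe(line).contains("<script>"));
            System.out.println("safe   has <script>: " + renderRowSafe(line).contains("<script>"));
            System.out.println(renderRowSafe(line));
        }
    }
}
```

Encoding at the point of output keeps the log file itself unchanged, so the raw request remains available for forensic review.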
