[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
- From: robkraus@xxxxxxxxxxxxxxx
- Date: 15 Feb 2011 18:56:03 -0000
Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
Solutionary ID: SERT-VDN-1003
Solutionary Disclosure URL:
http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-XSS.html
CVE ID: Pending
Product: Tembria Server Monitor
Application Vendor: Tembria
Vendor URL: http://www.tembria.com/products/servermonitor/index.html
Date discovered: 1/22/2011
Discovered by: Rob Kraus, Jose Hernandez, and Solutionary
Engineering Research Team (SERT)
Vendor notification date: 1/25/2011
Vendor response date: 1/25/2011
Vendor acknowledgment date: 1/25/2011
Public disclosure date: 2/14/2011
Type of vulnerability: Cross-Site Scripting (XSS) - Reflected
Exploit Vectors: Local and Remote
Vulnerability Description: The Web application management interface of Server
Monitor contains multiple injection points, which allow for execution of
Cross-site Scripting (XSS) attacks. Arbitrary client side code such as
JavaScript can be included into certain parameters throughout the Web
application. The following parameters and Web pages have been tested and
verified; however, it is likely more views and parameters within the
application are vulnerable:
event-history.asp (siteid, type) parameter
admin-history.asp (siteid, type) parameters
dashboard-view.asp (siteid, id) parameters
device-events.asp (siteid, dn) parameters
device-finder.asp (siteid, submit) parameters
device-list.asp (siteid, action, sel) parameters
device-monitors.asp (siteid, dn) parameters
device-views.asp (siteid, type) parameters
logbook.asp (siteid) parameter
monitor-events.asp (siteid) parameter
monitor-list.asp (siteid, action, sel) parameters
monitor-views.asp (siteid, type) parameters
reports-config-by-device.asp (siteid) parameter
reports-config-by-monitor.asp (siteid) parameter
reports-list.asp (siteid, sel) parameters
reports-monitoring-queue.asp (siteid) parameter
site-list.asp (action) parameter
Tested on: Windows XP, SP3, with Tembria Server Monitor v6.0.4 - Build 2229
default installation.
Affected software versions: Tembria Server Monitor v6.0.4 - Build 2229
(previous versions may also be vulnerable)
Impact: Successful attacks could disclose sensitive information about the user,
session, and application to the attacker, resulting in a loss of
confidentiality. Using XSS, an attacker could insert malicious code into a web
page and entice naïve users to execute the malicious code.
Fixed in: Tembria Server Monitor v6.0.5 - Build 2252
Remediation guidelines: The vendor has created a fix for the vulnerabilities
identified. Please update to version 6.0.5 - Build 2252 or newer.