Elxis CMS 'index.php' Session Hijacking Vulnerability

Vulnerability ID: 1116402
Vulnerability type: Authorization issue
Published: 2008-10-14
Updated: 2008-10-22
CVE ID: CVE-2008-4649
CNNVD-ID: CNNVD-200810-350
Platform: PHP
CVSS score: 7.5
|Vulnerability Source
https://www.exploit-db.com/exploits/32488
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200810-350
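|Vulnerability Details
Elxis CMS has a session fixation vulnerability: a remote attacker can hijack web sessions by setting the PHPSESSID parameter.
|Vulnerability Exploit (EXP)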
source: http://www.securityfocus.com/bid/31764/info
 
Elxis CMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. The application is also prone to a session-fixation vulnerability.
 
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
 
Using the session-fixation issue, the attacker can hijack the session and gain unauthorized access to the affected application.
 
Elxis CMS 2006.1 is vulnerable; other versions may also be affected.

http://www.site.com/?PHPSESSID=[session_fixation]
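
A defender-side check for the session-fixation issue described above, as an added example that is not part of the original advisory: it scans web access logs for session IDs supplied in the URL query string and reports any ID sent by more than one client address, which is the trace a fixed session leaves behind. The log lines, IP addresses and session IDs are constructed sample data, and the combined log format is an assumption.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format assumed);
# the IPs are documentation ranges and the session IDs are made up.
SAMPLE_LOG = """\
198.51.100.7 - - [14/Oct/2008:10:01:02 +0000] "GET /?PHPSESSID=aaaa1111 HTTP/1.1" 200 5120
203.0.113.9 - - [14/Oct/2008:10:05:40 +0000] "GET /index.php?PHPSESSID=aaaa1111 HTTP/1.1" 200 5340
203.0.113.9 - - [14/Oct/2008:10:06:10 +0000] "POST /index.php HTTP/1.1" 302 0
192.0.2.44 - - [14/Oct/2008:10:07:00 +0000] "GET /index.php?PHPSESSID=bbbb2222&page=2 HTTP/1.1" 200 4100
this line is malformed and must be skipped
"""

# Client address and request target from one log line.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*"')


def url_session_ids(log_text, param="PHPSESSID"):
    """Map each session ID passed in a URL query string to the client IPs that sent it."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line we can parse
        query = urlsplit(m.group("target")).query
        for sid in parse_qs(query).get(param, []):
            seen[sid].add(m.group("ip"))
    return dict(seen)


def fixation_candidates(log_text, param="PHPSESSID"):
    """Session IDs that arrived via the URL from more than one client address."""
    ids = url_session_ids(log_text, param)
    return sorted(sid for sid, ips in ids.items() if len(ips) > 1)


if __name__ == "__main__":
    for sid, ips in sorted(url_session_ids(SAMPLE_LOG).items()):
        print(f"URL-supplied session ID {sid}: {sorted(ips)}")
    print("shared across clients:", fixation_candidates(SAMPLE_LOG))
```

Any URL-supplied session ID is worth reviewing on a site that is expected to carry sessions in cookies only; the multi-client case is the stronger signal.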
|References

Source: XF
Name: elxis-phpsessid-session-hijacking(45868)
Link: http://xforce.iss.net/xforce/xfdb/45868
Source: BID
Name: 31764
Link: http://www.securityfocus.com/bid/31764
Source: MISC
Link: http://packetstormsecurity.org/0810-exploits/elxis-xss.txt