Chucky A.lvery N.T. Index.PHP 跨站脚本攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1195473 漏洞类型 跨站脚本
发布时间 2006-04-07 更新时间 2006-04-07
CVE编号 CVE-2006-1657 CNNVD-ID CNNVD-200604-097
漏洞平台 N/A CVSS评分 4.3
|漏洞来源
https://cxsecurity.com/issue/WLB-2006040068
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200604-097
|漏洞详情
ChuckyA.的index.php中存在跨站脚本(XSS)漏洞.lveryN.T.1.1.0可让远程攻击者注入任意Web脚本或HTML,方式是通过一个username参数,它在管理员察看"LoginLog"页面时不会被过滤掉。
|漏洞EXP
New eVuln Advisory:
N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities
http://evuln.com/vulns/121/summary.html

--------------------Summary----------------
eVuln ID: EV0121
CVE: CVE-2006-1657 CVE-2006-1658
Vendor: Chucky A. Ivey
Software: N.T.
Sowtware's Web Site: http://www.v-gfx.net/
Versions: 1.1.0
Critical Level: Dangerous
Type: Multiple Vulnerabilities
Class: Remote
Status: Unpatched. No reply from developer(s)
PoC/Exploit: Available
Solution: Not Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------
1. Cross-Site Scripting

Vulnerable Script: index.php

Parameter username is not properly sanitized. This can be used to post arbitrary HTML or web script code. This code will be executed when administrator will visit "Login Log" page.

Administrator's session is threatened.

2. PHP Code Insertion

Administrator has an ability to edit variables in ticker.db.php file. Script dont make any sanitation of entered values. This can be used to insert arbitrary PHP code.

System access is possible.

--------------PoC/Exploit----------------------
Available at: http://evuln.com/vulns/121/exploit.html

--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

Regards,
Aliaksandr Hartsuyeu
http://evuln.com - Penetration Testing Services
.
|参考资料

来源:VUPEN
名称:ADV-2006-1243
链接:http://www.frsirt.com/english/advisories/2006/1243
来源:SECUNIA
名称:19526
链接:http://secunia.com/advisories/19526
来源:MISC
链接:http://evuln.com/vulns/121/summary.html
来源:XF
名称:nt-index-xss(25638)
链接:http://xforce.iss.net/xforce/xfdb/25638
来源:BID
名称:17387
链接:http://www.securityfocus.com/bid/17387
来源:BUGTRAQ
名称:20060419[eVuln]N.T.Version1.1.0XSSandPHPCodeInsertionVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/431344/100/0/threaded
来源:OSVDB
名称:24397
链接:http://www.osvdb.org/24397
来源:SREASON
名称:741
链接:http://securityreason.com/securityalert/741