[SecurityOffice] Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability
From: Tamer Sahin (ts@SECURITYOFFICE.NET)
Date: 03/17/03
Date: Mon, 17 Mar 2003 16:21:30 +0200
From: Tamer Sahin <ts@SECURITYOFFICE.NET>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: MD5
- --[ Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability ]--
- --[ Type
Information Leakage
- --[ Release Date
March 17, 2003
- --[ Product / Vendor
NetCharts XBRL Server 4.0 is a data visualization service that generates
charts and graphs, tables, and reports. It can be used alone or
in conjunction with any web infrastructure from the simplest CGI scripts
to the most sophisticated Enterprise Application Server.
Any data source—
- Oracle
- Sybase
- Any JDBC
- Any ODBC: Excel, Access, SQL Server
- Legacy systems
- XBRL
- XML
- …and others
Anyhow, anywhere—
- TIFF, BMP, JPEG
- Java Applets
- Flash, PDF, HTML pages
- J2EE
- COM / ASP / .NET
- Cold Fusion
- …and more
- --[ Summary
A client may connect to the target machine and deliver several requests
with an invalid chunked encoded body.
The potential for information leakage is great but the risk is mitigated
somewhat by the unpredictability of the query-response desynchronisation.
Depending on the target site this may be somewhat exploitable by a malicious
user to redirect other users to a specific response by saturating the
communication channels with a desired response.
==================== SNIP ====================
GET /index.jsp HTTP/1.1
Host: victim.com
Transfer-Encoding: Chunked

53636f7474
==================== SNIP ====================
Related:
Recently disclosed advisory:
http://online.securityfocus.com/bid/6320
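A defensive check for the malformed request shown in the Summary, as an added example that is not part of the original advisory or the vendor's code: a strict validator for chunked framing that a proxy or test harness could apply before a request reaches the server. The 1 MiB chunk limit, the CRLF line endings in the sample and the function names are assumptions.

```python
import re

MAX_CHUNK = 1 << 20  # assumed policy limit (1 MiB per chunk), not from the advisory
SIZE_LINE = re.compile(rb"([0-9A-Fa-f]+)(?:;[^\r\n]*)?")  # chunk-size [;chunk-ext]
# Constructed sample: the advisory's request, with CRLF line endings assumed.
ADVISORY_REQUEST = (b"GET /index.jsp HTTP/1.1\r\nHost: victim.com\r\n"
                    b"Transfer-Encoding: Chunked\r\n\r\n53636f7474\r\n")

def check_chunked_body(body: bytes, max_chunk: int = MAX_CHUNK) -> str:
    """Return 'ok' or the reason the chunked framing of one request is rejected."""
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol == -1:
            return "size line not terminated by CRLF"
        m = SIZE_LINE.fullmatch(body[pos:eol])
        if not m:
            return "chunk size is not hexadecimal"
        size = int(m.group(1), 16)
        if size > max_chunk:
            return "chunk size exceeds limit"
        pos = eol + 2
        if size == 0:
            # Last chunk: optional trailer fields, then an empty line ends the body.
            end = body.find(b"\r\n\r\n", pos - 2)
            if end == -1:
                return "missing final CRLF"
            return "ok" if end + 4 == len(body) else "bytes after last chunk"
        if pos + size + 2 > len(body):
            return "chunk data truncated"
        if body[pos + size:pos + size + 2] != b"\r\n":
            return "chunk data not followed by CRLF"
        pos += size + 2

def inspect_request(raw: bytes) -> str:
    """Split one raw request and validate its body if it is chunked."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        return "incomplete header block"
    headers = {}  # simplification: a repeated header keeps only its last value
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    if headers.get(b"transfer-encoding") != b"chunked":
        return "not chunked"
    return check_chunked_body(body)

if __name__ == "__main__":
    print(inspect_request(ADVISORY_REQUEST))
```

A request that fails this check can be answered with 400 and the connection closed, so that no unread bytes remain on a persistent connection to be paired with a later request.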
- --[ Tested
Netcharts XBRL Server v4.0.0 for Windows 2000
- --[ Vulnerable
Netcharts XBRL Server v4.0.0 for Windows 2000
- --[ Disclaimer
http://www.securityoffice.net is not responsible for the misuse or illegal
use of any of the information and/or the software listed on this security advisory.
- --[ Author
Tamer Sahin
ts@securityoffice.net
http://www.securityoffice.net
All our advisories can be viewed at http://www.securityoffice.net/articles/
Please send suggestions, updates, and comments to feedback@securityoffice.net
(c) 2002 SecurityOffice
This Security Advisory may be reproduced and distributed, provided that this
Security Advisory is not modified in any way and is attributed to SecurityOffice
and provided that such reproduction and distribution is performed for non-commercial
purposes.
Tamer Sahin
http://www.securityoffice.net