[UNIX] HNS Multiple Cross-Site Scripting Vulnerabilities

From: support@securiteam.com
Date: 02/18/02


From: support@securiteam.com
To: list@securiteam.com
Date: Mon, 18 Feb 2002 19:10:14 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  HNS Multiple Cross-Site Scripting Vulnerabilities
------------------------------------------------------------------------

SUMMARY

Hyper NIKKI System (HNS) is web diary software. It will run on most UNIX
and Linux variants. A security vulnerability in the product allows
attackers to cause it to show user provided HTML and JavaScript code,
making it vulnerable to a Cross Site Scripting issue.

DETAILS

Vulnerable systems:
HNS version 2.00 and prior
HNS Lite version 0.8 and prior

Immune systems:
HNS version 2.10
HNS Lite version 0.9

HNS's login.cgi incorrectly handles the incoming search parses, incoming
HTML tags or JavaScript will be included inside the result without them
being filtered out for dangerous content. A similar problem occurs with
the title.cgi's inclusion of malicious code inside the resulting title
search.

Workaround:
1) Delete log.cgi from the system, or disable its possible execution.
2) Delete title.cgi from the system, or disable its possible execution.

Solution:
Upgrade your software version to versions hns-2.10-pl2 or version
hns-2.19.3.

Note that the hns-2.10-pl2 release was created from an hns-stable branch.
While, the hns-2.19.3 was created from an hns-current branch.

ADDITIONAL INFORMATION

The information has been provided by <http://www.h14m.org/>
HyperNikkiSystem Project.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.



Relevant Pages

  • [UNIX] DCP-Portal Cross-Site Scripting
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A security vulnerability in the product allows ... the members page, this CSS vulnerability will take effect. ...
    (Securiteam)
  • [UNIX] Sensitive Information Disclosure Vulnerability Found in SIPS (PHP)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A security vulnerability in the product allows attackers to get access to ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • [NT] DoS Vulnerability Found in VisNetic ActiveDefense
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... exploitable denial of service vulnerability has been found in the product ... * VisNetic ActiveDefense version 1.3.1 and early ...
    (Securiteam)
  • [NT] Zaep AntiSpam Cross Site Scripting
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... Beyond Security has discovered a security vulnerability in ... Zaep AntiSpam 2.0, ...
    (Securiteam)
  • [UNIX] HNSs webif.cgi Allows Overwriting of Diary Content
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Hyper NIKKI System (HNS) is web diary software. ... There is a remote vulnerability in webif.cgi that allows remote attackers ...
    (Securiteam)