BugTraq
[SCSA-001] Sambar Server Cross-Site Scripting vulnerability Jan 22 2003 09:58PM
Le Bras Grégory (gregory lebras security-corp org)


.: Sambar Server Cross-Site Scripting vulnerability :.

________________________________________________________________________

Security Corporation Security Advisory [SCSA-001]

________________________________________________________________________

PROGRAM: Sambar Server

HOMEPAGE: http://www.sambar.com/

VULNERABLE VERSIONS: 5.3 and prior

________________________________________________________________________

DESCRIPTION

________________________________________________________________________

"Sambar Server is the new standard in high performance multi-functional servers with features rivaling other commercial products selling separately for several hundreds of dollars. It's Winsock2 compliant Win32 integration functions on Windows 95, Windows 98, Windows NT, Win2000, and XP as a service or as an application."

(direct quote from http://sambar.jalyn.net)

DETAILS

________________________________________________________________________

An exploitable bug was found in Sambar Server that causes JavaScript execution on the client's computer when the user follows a crafted URL. This kind of attack, known as a "Cross-Site Scripting Vulnerability", is present in the search section of the web site: the search term is reflected back into the results page, so anyone can input specially crafted links and/or other malicious scripts.

EXPLOITS

________________________________________________________________________

http://localhost/search/results.stm?query=<script>alert('Test%20of%20vulnerability');</script>

SOLUTIONS

________________________________________________________________________

"Until a patch is available, this vulnerability can only be eliminated by removing the search/results.stm search page and thereby disabling search"
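As an added illustration (not part of the advisory and not Sambar's code), the reflection pattern described in DETAILS beside the output-encoding fix that the workaround above stands in for, plus a check that flags the advisory's probe in web-server access logs. The page template, the log format and the log lines are all assumed/constructed.

```python
import html
from urllib.parse import urlsplit, parse_qs, unquote

# Hypothetical stand-in for a results.stm template: the search term is echoed
# back into the page body. Sambar's real template is not shown on the page.
TEMPLATE = "<html><body><h1>Results for: {term}</h1></body></html>"


def render_results_vulnerable(query: str) -> str:
    """Reflects the raw query into HTML: the pattern the advisory reports."""
    return TEMPLATE.format(term=query)


def render_results_fixed(query: str) -> str:
    """Same page with the term HTML-entity-encoded before it is reflected,
    so <, >, &, " and ' can no longer open a tag or break out of one."""
    return TEMPLATE.format(term=html.escape(query, quote=True))


# Constructed Common Log Format lines, not real Sambar logs.
SAMPLE_LOG = """\
10.0.0.5 - - [22/Jan/2003:21:58:01 +0100] "GET /search/results.stm?query=sambar HTTP/1.0" 200 1532
10.0.0.9 - - [22/Jan/2003:21:58:07 +0100] "GET /search/results.stm?query=%3Cscript%3Ealert('x')%3C/script%3E HTTP/1.0" 200 1601
10.0.0.9 - - [22/Jan/2003:21:58:09 +0100] "GET /index.stm HTTP/1.0" 200 880
"""


def reflected_script_requests(log_text: str) -> list[str]:
    """Return the decoded 'query' values of results.stm requests that carry a
    <script tag: a cheap detection for probes like the one in the advisory."""
    hits = []
    for line in log_text.splitlines():
        try:
            target = line.split('"')[1].split(" ")[1]  # request path from "GET ... HTTP/1.0"
        except IndexError:
            continue  # malformed line, skip it
        parts = urlsplit(target)
        if parts.path != "/search/results.stm":
            continue
        # parse_qs percent-decodes once; unquote again catches double encoding
        for value in parse_qs(parts.query).get("query", []):
            if "<script" in unquote(value).lower():
                hits.append(value)
    return hits
```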

VENDOR STATUS

________________________________________________________________________

Sambar has been contacted (http://www.sambar.com/security.htm).

No update is available for the moment.

------------------------------------------------------------------

Grégory Le Bras aka GaLiaRePt | http://www.Security-Corp.org

------------------------------------------------------------------
