Symantec Vulnerability Alert
SilverStripe Multiple Cross-Site Scripting Vulnerabilities
Bugtraq ID: 50063
Threat Breakdown
Credibility: Single Source
Ease of Exploit: 8
Impact: 4
Severity: 6.1
Synopsis
Urgency Rating: 6.1
CVSS Version: 2
CVSS2 Base: 5.8
CVSS2 Temporal: 5
CVE: CVE-MAP-NOMATCH
Published: Oct 11 2011
Classification: Input Validation Error
Remote: Yes
Local: No
Availability: User Initiated
Authentication: Not Required
Ease: Exploit Available
Last Update: 10/11/2011 7:12:43 PM GMT
Last Change: Initial analysis.
CVSS Scores
CVSS2 Base: 5.8
CVSS2 Base Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSS2 Temporal: 5
CVSS2 Temporal Vector: E:F/RL:U/RC:UC
CVSS1 Base: 3.7
CVSS1 Temporal: 3.2
NVD CVSS2 Base Score: 4.3
NVD CVSS2 Component String: AV:N/AC:M/Au:N/C:N/I:P/A:N
Vulnerable Systems
SilverStripe SilverStripe 2.4.5 (cpe:/a:silverstripe:silverstripe:2.4.5) SYMC
Short Summary
SilverStripe is prone to multiple cross-site scripting vulnerabilities.
Impact
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the
context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch
other attacks.
Technical Description
SilverStripe is an open source content management system.
The application is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input
passed through the following URIs:
'admin/reports'
'admin/comments'
'admin'
'admin/show/4'
'admin/show/2'
'admin/show/root'
'admin/show/3'
'admin/show'
'admin/assets'
'admin/show/1'
'admin/show/5'
'admin/security'
Create Date 10/11/2011 7:15:13 PM GMT
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the
context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch
other attacks.
SilverStripe 2.4.5 is vulnerable; other versions may also be affected.
Attack Scenarios
1. An attacker scans for and locates a site running the affected application.
2. The attacker crafts a URI that includes malicious script code to leverage any of the issues.
3. The attacker uses email or some other means to distribute the malicious link and entice an unsuspecting user to
follow it.
4. When the user follows the link, the attacker-specified script code runs in their browser in the context of the affected
site.
A successful exploit will allow the attacker to steal cookie-based authentication credentials and launch other attacks.
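The crafted URI in steps 2 and 4 is requested from the affected site itself, so the web server's access log records it, which gives defenders a detection point even while no vendor patch exists. The following is an added example, not part of this alert or of SilverStripe, that scans Common Log Format lines for requests to the listed admin URIs whose path or query string carries script-like input; the function names and the sample log lines are constructed for the example.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Affected URIs exactly as listed in the alert, relative to the site root.
AFFECTED_URIS = (
    "admin/reports", "admin/comments", "admin", "admin/show/4", "admin/show/2",
    "admin/show/root", "admin/show/3", "admin/show", "admin/assets",
    "admin/show/1", "admin/show/5", "admin/security",
)

# Input that has no legitimate place in a CMS backend URI: HTML tags that can
# carry script, javascript: URLs, and inline event-handler attributes.
SCRIPT_MARKERS = re.compile(
    r"<\s*/?\s*(?:script|img|svg|iframe|body|object|embed)\b"
    r"|javascript\s*:"
    r"|\bon(?:click|load|error|mouse\w+|focus|blur|key\w+|submit|change)\s*=",
    re.IGNORECASE,
)

# Common Log Format: host ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def fully_decode(value, max_rounds=3):
    """URL-decode repeatedly so a double-encoded '<' (%253C) is not missed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify_request(target):
    """Return (affected_uri, suspicious_fields) for one request target, or
    None when the request does not touch one of the listed URIs.
    suspicious_fields names the query parameters (or 'path' for trailing
    path segments) that carry a script marker; an empty list is a clean hit."""
    parts = urlsplit(target)
    path = fully_decode(parts.path).strip("/")
    # Longest listed URI that the request path equals or sits under:
    # 'admin/show/4/extra' is still handled by the admin/show/4 controller.
    hit = None
    for uri in AFFECTED_URIS:
        if (path == uri or path.startswith(uri + "/")) and (hit is None or len(uri) > len(hit)):
            hit = uri
    if hit is None:
        return None
    suspicious = []
    extra = path[len(hit):]          # trailing segments are user-supplied too
    if extra and SCRIPT_MARKERS.search(extra):
        suspicious.append("path")
    for key, val in parse_qsl(parts.query, keep_blank_values=True):
        if SCRIPT_MARKERS.search(fully_decode(key)) or SCRIPT_MARKERS.search(fully_decode(val)):
            suspicious.append(key)
    return hit, suspicious


def scan_log(lines):
    """Return (host, time, affected_uri, fields) for every request in the log
    that sends script-like input to one of the affected URIs."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue                  # not a CLF line; skip rather than guess
        result = classify_request(m.group("target"))
        if result and result[1]:
            findings.append((m.group("host"), m.group("time"), result[0], result[1]))
    return findings


# Constructed sample log lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [11/Oct/2011:19:00:01 +0000] "GET /admin/show/4 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [11/Oct/2011:19:02:17 +0000] "GET /admin/reports?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 4870',
    '203.0.113.9 - - [11/Oct/2011:19:03:44 +0000] "GET /admin/show/%2522%2520onmouseover%253Dalert(1) HTTP/1.1" 200 4650',
    '198.51.100.2 - - [11/Oct/2011:19:05:02 +0000] "GET /search?q=%3Cscript%3E HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for host, when, uri, fields in scan_log(SAMPLE_LOG):
        print(f"{when} {host} -> {uri} suspicious fields: {fields}")
```

The last sample line carries the same marker outside the listed URIs and is deliberately not reported, since the rule is scoped to this alert; widen AFFECTED_URIS if the same pattern is wanted site-wide.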
Exploits
An attacker can exploit these issues by enticing an unsuspecting user to follow a malicious URI.
The following example is available:
Stefan Schurtz 2011-10-11 00:00:00Z
http://downloads.securityfocus.com/vulnerabilities/exploits/50063.txt
Mitigating Strategies
Block external access at the network boundary, unless external parties require service.
If global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to
only trusted computers and networks might greatly reduce the likelihood of a successful exploit.
Run all software as a nonprivileged user with minimal access rights.
Attackers may successfully exploit client flaws in the browser through cross-site scripting vulnerabilities. When
possible, run client software as regular user accounts with limited access to system resources. This may limit the
immediate consequences of client-side vulnerabilities.
Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to websites that are provided by unfamiliar or suspicious sources.
Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.
Set web browser security to disable the execution of script code or active content.
Since exploiting cross-site scripting issues often requires the execution of malicious script code in web clients,
consider disabling script code and active content support within a client browser as a way to prevent a successful
exploit. Note that this mitigation tactic might adversely affect legitimate websites that rely on the execution of
browser-based script code.
Solutions
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent
information, please mail us at: vuldb@securityfocus.com.
Credit
Stefan Schurtz
References
Advisory: SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities (Stefan Schurtz)
http://www.rul3z.de/advisories/SSCHADV2011-024.txt
SilverStripe 2.4.5 Multiple backend Cross-site scripting (sschurtz@t-online.de)
http://www.securityfocus.com/archive/1/201110080822.p988MCbu025404@sf01web2.securityfocus.com
Web Page: SilverStripe Homepage (SilverStripe)
http://www.silverstripe.com
Change Log
2011.10.11: Initial analysis.
URL
https://alerts.symantec.com/loaddocument.aspx?GUID=d3c2871c-f066-41c9-8208-942c79f84d0a