Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
BID:17391
Info
Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
| Bugtraq ID: | 17391 |
| Class: | Input Validation Error |
| CVE: |
CVE-2006-1590 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2006 12:00AM |
| Updated: | Apr 06 2006 07:08PM |
| Credit: | Adam Ely is credited with the discovery of this vulnerability. |
| Vulnerable: |
BASE Basic Analysis and Security Engine 1.2.4 |
| Not Vulnerable: | |
Discussion
Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
BASE is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input in the 'PrintFreshPage' function.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects version 1.2.4; other versions may also be vulnerable.
BASE is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user-supplied input in the 'PrintFreshPage' function.
An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This issue affects version 1.2.4; other versions may also be vulnerable.
Exploit / POC
Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
This issue can be exploited through a web client.
The following proof-of-concept examples are available:
http://www.example.com/base/base_graph_main.php?back="><script>alert("780")</script><"
http://www.example.com/base/base_stat_ipaddr.php?ip=1.1.1.1&netmask="><script>alert("780")</script><"
http://www.example.com/base-snort/base_qry_alert.php?submit=<script>780</script>&sort_order=
This issue can be exploited through a web client.
The following proof-of-concept examples are available:
http://www.example.com/base/base_graph_main.php?back="><script>alert("780")</script><"
http://www.example.com/base/base_stat_ipaddr.php?ip=1.1.1.1&netmask="><script>alert("780")</script><"
http://www.example.com/base-snort/base_qry_alert.php?submit=<script>780</script>&sort_order=
Solution / Fix
Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
References
Basic Analysis and Security Engine PrintFreshPage Cross-Site Scripting Vulnerability
References:
References:
- Home Page (Secure Ideas)
- Re: 3 XSS in BASE 1.2.4 (Kevin Johnson