Computer Associates Host-Based Intrusion Prevention System Server HTML Injection Vulnerability
BID:26134
Info
| Bugtraq ID: | 26134 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-5472 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 18 2007 12:00AM |
| Updated: | Oct 19 2007 07:47PM |
| Credit: | The vendor credits David Maciejak with the discovery of this vulnerability. |
| Vulnerable: | Computer Associates Host-Based Intrusion Prevention System 8.0 93 |
| Not Vulnerable: | |
Discussion
Computer Associates Host-Based Intrusion Prevention System (CA HIPS) Server is prone to an HTML-injection vulnerability because it fails to properly sanitize data from logged requests before using it in dynamically generated content.
Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.
This issue affects versions of CA HIPS prior to 8.0.0.93.
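Added illustration, not code from the advisory or from CA HIPS: a minimal Python log viewer that shows the pattern the advisory describes (fields from logged requests spliced into dynamically generated HTML unescaped) beside the hardened form that escapes each field at output time. The field set, the sample entries and the markup in them are constructed assumptions.

```python
import html
from dataclasses import dataclass


@dataclass
class LoggedRequest:
    """One entry as a request log might store it (constructed field set)."""
    client: str
    method: str
    path: str
    user_agent: str


# Constructed sample entries, not taken from the advisory. The second one carries
# markup in fields the requester controls, which a log viewer must neutralise.
SAMPLE_LOG = [
    LoggedRequest("10.0.0.5", "GET", "/index.html", "Mozilla/5.0"),
    LoggedRequest("10.0.0.9", "GET", "/<script>alert(1)</script>", 'UA "x" <b>y</b>'),
]


def render_row_vulnerable(req: LoggedRequest) -> str:
    # The pattern the advisory describes: logged fields spliced into HTML as-is.
    return (f"<tr><td>{req.client}</td><td>{req.method}</td>"
            f"<td>{req.path}</td><td>{req.user_agent}</td></tr>")


def render_row_safe(req: LoggedRequest) -> str:
    # Every request-derived field is escaped for the HTML context at output
    # time; quote=True also neutralises " and ' in case a cell ends up in an attribute.
    cells = (req.client, req.method, req.path, req.user_agent)
    return "<tr>" + "".join(f"<td>{html.escape(c, quote=True)}</td>" for c in cells) + "</tr>"


def render_log(entries, safe: bool = True) -> str:
    render = render_row_safe if safe else render_row_vulnerable
    return "<table>" + "".join(render(e) for e in entries) + "</table>"


def leaks_raw_markup(rendered: str) -> bool:
    # Review check: after removing the template's own tags, no '<' may remain,
    # because any that does came from a logged field and reached the page unescaped.
    stripped = rendered
    for tag in ("<table>", "</table>", "<tr>", "</tr>", "<td>", "</td>"):
        stripped = stripped.replace(tag, "")
    return "<" in stripped


if __name__ == "__main__":
    print(render_log(SAMPLE_LOG, safe=False))  # logged markup lands in the page
    print(render_log(SAMPLE_LOG, safe=True))   # logged markup shown as literal text
```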
Exploit / POC
Attackers can exploit this issue by sending specially crafted requests that will be logged by the affected system.
Solution / Fix
Solution:
The vendor released a patch to address this issue. Please see the references for more information.
Computer Associates Host-Based Intrusion Prevention System 8.0 93
Computer Associates QO91494
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91494
References
References:
- Computer Associates Homepage (Computer Associates)
- Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server (Computer Associates)
- [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnera (Williams, James K)