LacoodaST and La!cooda WIZ Multiple Remote Vulnerabilities
BID:30791
Info
| Bugtraq ID: | 30791 |
| Class: | Input Validation Error |
| CVE: | CVE-2008-3736, CVE-2008-3737, CVE-2008-3738, CVE-2008-3739 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 21 2008 12:00AM |
| Updated: | Aug 28 2008 07:14PM |
| Credit: | Hirotaka Katagiri |
| Vulnerable: | System Consultants Co., Ltd. La!cooda WIZ 1.4; SpaceTag, Inc. LacoodaST 2.1.3 |
| Not Vulnerable: | |
Discussion
LacoodaST and La!cooda WIZ are prone to multiple vulnerabilities, including cross-site scripting, cross-site request forgery, and server-side script-execution issues. LacoodaST is additionally vulnerable to a session-fixation issue.
Attackers can exploit these issues to:
- execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site
- steal cookie-based authentication credentials
- hijack a user's session and gain unauthorized access to the affected application
- execute server-side script code.
These issues affect the following:
LacoodaST 2.1.3 and earlier versions
La!cooda WIZ 4.1.0 and earlier versions
Exploit / POC
An attacker can exploit these issues via a browser. To exploit some of these issues, the attacker must entice an unsuspecting victim into following a malicious URI.
Solution / Fix
Solution:
Reportedly, the vendor has released fixes, but Symantec has not confirmed this.
References
References:
- About multiple vulnerabilities in La!cooda WIZ (System Consultants Co., Ltd.)
- About multiple vulnerabilities in LacoodaST (SpaceTag, Inc.)
- La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery (Hirotaka Katagiri)
- La!cooda WIZ and LacoodaST vulnerable to cross-site scripting (Hirotaka Katagiri)
- LacoodaST from SpaceTag, Inc. session fixation vulnerability (Hirotaka Katagiri)
- Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script exe (Hirotaka Katagiri)