BID:52085

F*EX Multiple Cross Site Scripting Vulnerabilities

Info

F*EX Multiple Cross Site Scripting Vulnerabilities

Bugtraq ID:	52085
Class:	Input Validation Error
CVE:	CVE-2012-0869 CVE-2012-1293
Remote:	Yes
Local:	No
Published:	Feb 20 2012 12:00AM
Updated:	Mar 19 2015 07:35AM
Credit:	muuratsalo
Vulnerable:	FEX FEX 20111129-2 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 FEX FEX 20100208 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0

Not Vulnerable:	FEX FEX 20120215 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0

Discussion

F*EX Multiple Cross Site Scripting Vulnerabilities

F*EX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible.

Exploit / POC

F*EX Multiple Cross Site Scripting Vulnerabilities

An attacker can exploit these issues through a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.

The following example URIs are available:

http://www.example.com/fup [id parameter]
http://www.example.com/fup [to parameter]
http://www.example.com/fup [from parameter]

Solution / Fix

F*EX Multiple Cross Site Scripting Vulnerabilities

Solution:
Vendor updates are available. Please see the references for more information.

References

F*EX Multiple Cross Site Scripting Vulnerabilities

References:

F*EX <= 20100208 Cross Site Scripting Vulnerabilities (muuratsalo)
F*EX 20111129-2 Cross Site Scripting Vulnerability (muuratsalo)
F*EX Homepage (F*EX)