Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
BID:9484
Info
Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
| Bugtraq ID: | 9484 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-2115 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 24 2004 12:00AM |
| Updated: | Jul 12 2009 02:06AM |
| Credit: | Discovery credited to Rafel Ivgi, The-Insider <[email protected]>. |
| Vulnerable: |
Oracle Oracle HTTP Server 9.2 .0 Oracle Oracle HTTP Server 9.0.1 Oracle Oracle HTTP Server 8.1.7 |
| Not Vulnerable: | |
Discussion
Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials or other attacks.
Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials or other attacks.
Exploit / POC
Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
The following proof of concepts were supplied:
http://<host>/isqlplus?action=logon&username=sdfds%22%3e%3cscript%3ealert('XSS')%3c/script%3e\&password=dsfsd%3cscript%3ealert('XSS')%3c/script%3e
http://<host>/isqlplus?action=<script>alert('XSS')</script>
The following proof of concepts were supplied:
http://<host>/isqlplus?action=logon&username=sdfds%22%3e%3cscript%3ealert('XSS')%3c/script%3e\&password=dsfsd%3cscript%3ealert('XSS')%3c/script%3e
http://<host>/isqlplus?action=<script>alert('XSS')</script>
Solution / Fix
Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Oracle HTTP Server isqlplus Cross-Site Scripting Vulnerability
References:
References:
- Oracle9iAS HTTP Server (Oracle)
- Oracle HTTP Server Cross Site Scripting Vulnerabillity ("Rafel Ivgi, The-Insider"
)