Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:28988
HistoryJan 28, 2013 - 12:00 a.m.

CVE-2013-0805 / CSNC-2013-001

2013-01-2800:00:00
vulners.com
33
JSON

#############################################################

COMPASS SECURITY ADVISORY http://www.csnc.ch/

#############################################################

CVE ID : CVE-2013-0805

CSNC ID: CSNC-2013-001

Product: iTop

Vendor: Combodo

Subject: Cross-site Scripting - XSS

Risk: High

Effect: Remotely exploitable

Author: Stephan Rickauer (stephan.rickauer at csnc.ch)

Date: January 23rd 2013

#############################################################

Introduction:

Compass Security discovered a security flaw in the iTop web application.

Vulnerable:

All iTop versions older than:

  • trunk revision 2589
  • branches/1.2.1, revision 2587
  • branches/1.2, revision 2588
  • branches/2.0, revision 2590

Not vulnerable:

unknown

Patches:

Patches have been commited to the SourceForge Trac by the vendor with respect
to all affected versions. Modified files: pages/UI.php and pages/run_query.php

Fix:

Thoroughly encode all user input properly on output.

Description:

The iTop search feature displays the term entered by the user. However, that
very output of the user's input happens mostly un-encoded. The implemented
mitigation step of only encoding < as part of a script tag is inadequate and
can be easily bypassed. Exploiting this vulnerability will lead to so-called
cross-site scripting (XSS) and allows the impersonation of logged-in iTop
users.

Milestones:

January 4th, Vulnerability discovered
January 4th, Vendor contact established
January 7th, Vendor provided with technical details
January 7th, Vendor acknowledged issue (support at combodo.com)
January 15th, CVE assigned and vendor notified
January 23rd, Patch committed in all main branches of the iTop project by vendor
January 23rd, Public release of advisory

References:

XSS reference:
http://en.wikipedia.org/wiki/Cross-site_scripting
Cross-site scripting (XSS) is a type of computer security vulnerability
typically found in web applications which allow code injection by malicious
web users into the web pages viewed by other users. Examples of such code
include HTML code and client-side scripts. An exploited cross-site scripting
vulnerability can be used by attackers to bypass access controls such as the
same origin policy. Recently, vulnerabilities of this kind have been exploited
to craft powerful phishing attacks and browser exploits. Cross-site scripting
was originally referred to as CSS, although this usage has been largely
discontinued.

iTop reference:
http://www.combodo.com/iTop-a-new-generation-of-IT.html

Provided evidence:

  • Two screenshots
  • XSS attack code
  • copy of html page showing unencoded output

Related

prion 1
cve 1
securityvulns 1
prion
prion
Cross site scripting
2014-03-20 16:55:00
cve
cve
CVE-2013-0805
2014-03-20 16:55:00
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2013-01-28 00:00:00
JSON
Related for SECURITYVULNS:DOC:28988
prion1cve1securityvulns1