lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: girl at catholic.org (gp)
Subject: Multiple XSS Vulnerabilities in several
	UBB.Thread Versions

Vendor: Infopop
URL: http://www.infopop.com/
tested Versions: 6.2.3 & 6.5
remote: yes
vendor notified: 06 Dec 2004 at 01:08 AM
Vendor response: 06/07 Dec 2004 01:33 AM/06:08 PM
Update status: ..in process


============================================================



Summary:
~~~~~~~
UBBThreads is a High end forum system, powered under
PHP and MySQL with many attitude.
A security vulnerability in both (6.2.3 & 6.5) products
allow malicious users to steal session cookies, but
probably more versions are vulnerable.
============================================================



Examples in Version 6.2.3:
~~~~~~~~~~~~~~~~~~~~~~~~~~

[forum]/showflat.php?Cat=document.write(unescape("%3CSCRIPT%3Ealert%28document.domain%29%3B%3C/SCRIPT%3E%3CSCRIPT%3Ealert%28document.cookie%29%3B%3C/SCRIPT%3E%0D%0A"));

tested modules are:
main, search, newuser, login, online, faq, ect..


Note:
~~~~
some of these were fixed in Version 6.5.
It follows the not fixed..
============================================================



Examples in version 6.5:
~~~~~~~~~~~~~~~~~~~~~~~~

[forum]/calendar.php?Cat=document.write(unescape("%3CSCRIPT%3Ealert%28document.domain%29%3B%3C/SCRIPT%3E%3CSCRIPT%3Ealert%28document.cookie%29%3B%3C/SCRIPT%3E%0D%0A"));


[forum]/login.php?Cat=[XSS(s.a.)]

and:
[forum]/online.php?Cat=[XSS(s.a.)]



============================================================



Vendor:
~~~~~
Vulnerabilities will be fixed in the next release,
Version 6.5.1. Since March 2004, Infopop offers no longer
support for any version of UBB.classic or UBB.threads
prior to Version 6.0.

http://www.infopop.com/
http://www.ubbcentral.com/



============================================================

Credits:
~~~~~
dw.; ms.; ect.


-- 
kind regards
g@cat <-> MM


-----------------------------------------
This email was sent using FREE Catholic Online Webmail!
http://webmail.catholic.org/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ