lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 22 Jul 2014 14:59:20 -0300
From: William Costa <william.costa@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build:
 7221.1701 (CVE-2014-5024)

I. VULNERABILITY
-------------------------
Reflected XSS  vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701

II. BACKGROUND
-------------------------
Dell® SonicWALL® provides intelligent network security and data protection
solutions that enable customers and partners to dynamically secure,
control, and scale their global networks.

III. DESCRIPTION
-------------------------
Has been detected a Reflected XSS vulnerability in DELL SonicWALL GMS.
The code injection is done through the parameter "node_id" in the page
“/sgms/panelManager?level=1&typeOfUnits=2&node_name=GlobalView&node_id=(HERE
XSS)”

IV. PROOF OF CONCEPT
-------------------------
The application does not validate the parameter “node_ID” correctly.
https://10.200.210.222:8443/sgms/panelManager?level=1&typeOfUnits=2&node_name=GlobalView&node_id=aaaaaaa'</script><body
onload=alert(document.cookie)>&panelidz=0,4#tabs-4

V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser, that allows the execution of arbitrary HTML/script code to
be executed in the context of the victim user's browser allowing Cookie
Theft/Session Hijacking, thus enabling full access the box.

VI. SYSTEMS AFFECTED
-------------------------
Tested DELL SonicWALL Analyzer v7.2 (build 7220.1700)

VII. SOLUTION
-------------------------
https://support.software.dell.com/product-notification/128245

By William Costa
william.costa@...il.com

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ