lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <fb0a0ff0712110015q5ed3ef90sf4341ca265fa3880@mail.gmail.com>
Date: Tue, 11 Dec 2007 11:45:05 +0330
From: "imei Addmimistrator" <addmimistrator@...il.com>
To: bugtraq@...urityfocus.com
Subject: SupportSuite 3.11.01~ Multiple file ~ PHP SELF XSS

——-Summary——
Software: SupportSuite
Sowtware's Web Site: http://www.kayako.com
Versions: 3.00.32
Class: Remote
Status: Unpatched
Exploit: Available
Solution: Not Available
Discovered by: imei Addmimistrator
Risk Level: Medium
——Description—–
Supportsuite , a great product of kayako, Ideal for providing ticket
based support, is prone to XSS attack in multiple internal files.{more
than 300 files}

Use of unsafe variable PHP_SELF in so many files of supprtsuite, makes
this program vulnerable against XSS attacks. The bug is in result of
using PHP_SELF variable that is unsafe in many version of PHP inside
of parameter used in function trigger_error().
Product has an "Anti Full path disclosure" approach come here:

if (!defined("INSWIFT")) {
trigger_error("Unable to process $PHP_SELF", E_USER_ERROR);
}
As it's obvious, It has a weakness against XSS.

VISITE ORIGINAL ADVISORY FOR MORE DETAILS
> http://myimei.com/security/2007-12-06/supportsuite-31101-multiple-file-php-self-xss.html

-------
BTW I have no idea what's wrong with moderators. they said my old post
has no detail and ask me for more details. I sent much posts like that
and users could refer to original advisory for understanding bug.
Should you always keep entire text in your site instead of poor bug
finder or its a really new policy!
--
imei Addmimistrator
Visit my SeQrity Homepage at:
http://myimei.com/security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ