lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20080409080656.11105.qmail@securityfocus.com>
Date: 9 Apr 2008 08:06:56 -0000
From: jaime.blasco@...sec.com
To: bugtraq@...urityfocus.com
Subject: SAP Netweaver 6.40-7.0 Cross-Site-Scripting

Title:		SAP Netweaver 6.40-7.0 Persistent Cross-Site-Scripting

Author: 		Jaime Blasco (at) aitsec.com	http://www.aitsec.com

Description:	SAP Netweaver have a web interface for accesing filesystem of the portal, users can make "feedbacks" of
		files, input passed to the content of these feedbacks is not properly sanitised before being returned to the user. 
		This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site


Solution:	This issue can be solved activating "Secure Editing" in Portal
(System Configuration -> System Configuration -> Knowledge management (in detailed Navigation) -> Utilities -> Editing -> HTML Editing)

Hence this issue can be solved via configuration - for more details see 
http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm

NetWeaver 04 (6.40) SP17: http://help.sap.com/saphelp_nw04/helpdata/en/44/4d3ef6b5ac2152e10000000a114a6b/frameset.htm
NetWeaver 7.0 SP8: http://help.sap.com/saphelp_nw70/helpdata/EN/44/4cd511c6233f8ee10000000a1553f7/frameset.htm
As of NetWeaver 7.0 SP15 the secure editor is on by default (SAP note 1110597: https://service.sap.com/sap/support/notes/1110597)

Timeline:

* March 11: Initial contact.
* March 12: Confirmed
* April 5: Vendor response

Original Advisory:

http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ