| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1280950581.9925@tomneaves.com> Date: Wed, 04 Aug 2010 20:36:21 +0100 (BST) From: "Tom Neaves" <tom@...neaves.com> To: bugtraq@...urityfocus.com Cc: Subject: Cisco Wireless Control System XSS Product Name: Cisco Wireless Control System Vendor: http://www.cisco.com Date: 4 August, 2010 Author: tom@...neaves.com <tom@...neaves.com> Original URL: http://www.tomneaves.com/Cisco_Wireless_Control_System_XSS.txt Discovered: 8 July, 2010 Disclosed: 4 August, 2010 I. DESCRIPTION The Cisco Wireless Control System (WCS) is a web interface that allows centralised management and reporting within a Cisco wireless infrastructure. II. DETAILS A Cross-site Scripting (XSS) vulnerability exists within the search function on the Cisco Wireless Control System (WCS) web interface due to insufficient input validation. This enables attackers to prepare links for a website that includes code that is executed by the browser visiting this website. --- The affected script is "/webacs/QuickSearchAction.do", namely the "searchText" parameter. Although not tested due to limitations, it is likely that all other parameters related to this script will also be affected by this issue. --- Affected Versions: All versions of Cisco WCS up to and including 6.0.181.0. Some versions of 7.0 *may* be affected. Interim versions 7.0(118.0) and 6.0(194.0) are not vulnerable. III. VENDOR RESPONSE 8 July, 2010 - Contacted vendor. 8 July, 2010 - Vendor acknowledged and confirmed vulnerability - will include in maintenance patch. 4 August, 2010 - Vendor releases maintenance patch (Cisco Bug ID = CSCtf14288). 4 August, 2010 - Vulnerability publicly disclosed. IV. CREDIT Discovered by Tom Neaves (Verizon Business)
Powered by blists - more mailing lists