lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <201108022141.p72LfGXe024902@sf01web3.securityfocus.com>
Date: Tue, 2 Aug 2011 21:41:16 GMT
From: haroon@...e.it
To: bugtraq@...urityfocus.com
Subject: Cross Site Scription Vulnerability in vBulletin 4.1.3, 4.1.4 and
 4.1.5

*Advisory Information*
Title: vBulletin Cross Site Scripting Vulnerability
Vendors contacted: vBulletin team

----

*Vulnerability Information*
Class: XSS flaw
Vulnerable page: Admin Login Page (admincp)
Remotely Exploitable: Yes

----

*Vulnerability Description*
vBulletin is a community forum solution for a wide range of users, including industry leading companies. A XSS vulnerability has been discovered that could allow an attacker to carry out an action impersonating a legal user, or to obtain access to a user's account.
This flaw allows unauthorized disclosure and modification of information, and it allows disruption of service.

----

*Vulnerable versions*
4.1.3pl3, 4.1.4pl3 & 4.1.5pl1

----

*Non-vulnerable Packages*
vBulletin prior to 4.1.3

----

*Vendor Information, Solutions and Workarounds*
vBulletin team has released patches for this flaw and patch is released on 02-08-2011. https://www.vbulletin.com/forum/showthread.php/385133-vBulletin-4.1.3-4.1.4-and-4.1.5-Security-Patch

----

*Credits*
This vulnerability was discovered  by Muhammad Haroon from Innovative Solutions KSA. OWASP Chapter Lead of Pakistan. haroon [at] live [dot] it

----

*Proof of Concept Code*
This is a Cross Site Scripting (XSS) vulnerability within vBulletin community forum solution. In order to exploit this flaw following vector would be used.
 http://www.example.com/forums/admincp/?"><script>alert('Xss_found_By_M.Haroon')</script>

----

*Report Timeline*
30-07-2011: Notifies the vBulletin team about the vulnerability.
31-07-2011: vBulletin Team ask for technical description about the flaw
31-07-2011: Technical Details sent to vBulletin team
02-08-2011: vBulletin notifies that a fix has been produced and is available to the users on 2nd August 2011
03-08-2011: Vulnerability publicly disclosed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ