lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <201302271509.r1RF953L017342@sf01web1.securityfocus.com>
Date: Wed, 27 Feb 2013 15:09:05 GMT
From: scott.behrens@...hapsis.com
To: bugtraq@...urityfocus.com
Subject: Stored Cross-site Scripting ('XSS') in Airvana HubBub C1-600-RT
 Femtocell

   Advisory ID: NEOCAN-2013-002
Advisory Title: Stored XSS ('cross-site scripting') in Airvana HubBub C1-600-RT router
        Author: Scott Behrens / Scott.Behrens@...hapsis.com
  Release Date: 02/27/2013
        Vendor: Airvana
   Application: Airrave 2.5 router administration page
      Platform: Web Application
      Severity: Medium
 Vendor status: No response from vendor
    CVE Number: CVE-2013-2270
     Reference: 004


Overview:

A stored cross-site scripting vulnerability was discovered in the Airrave 2.5 router.  An attacker that exploits this attack may use it to execute malicious JavaScript against a victim or trigger a browser exploit.  The attack requires 

that the victim is authenticated to the device.  


Vendor Response:

Vendor was contacted first via email on January 17th, 2013.  Researcher did not receive a response when using the 'online form' which was the only publically available email on the company’s website.

Vendor was then contacted via telephone on the following dates: January 25th, February 7th, February 12th. A 'support  operator' filed the ticket and informed the researcher a technician would call them back.  No technician ever followed 

up to the calls. 



Recommendation:

Ensure data controlled input is html encoded or escaped.  Perform content filtering on user control data for special characters or symbols.



Common Vulnerabilities and Exposures (CVE) Information:

The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues:

CVE-2013-2270

These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.


Common Weakness Enumeration (CWE) Information:

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

http://cwe.mitre.org/data/definitions/79.html



--------Neohapsis Vulnerability Research Advisory Information-------

For questions about this advisory, or to report an error:
research@...hapsis.com

NeohapsisVulnerability Research GPG Key:
http://www.neohapsis.com/assets/NeohapsisVulnerabilityResearch-PUB.asc


Copyright (c) 2013 Neohapsis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ