lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY10-DAV3287965B7D3F02894AF034D9450@phx.gbl>
Date: Tue Mar 29 19:01:12 2005
From: se_cur_ity at hotmail.com (Morning Wood)
Subject: Adventia Chat

------------------------------------------------------------
    - EXPL-A-2005-003 exploitlabs.com Advisory 032 -
------------------------------------------------------------
                       - Adventia Chat -





OVERVIEW
========
Adventia Chat Server Pro 3.0 is an ASP program that allows
you to easily add multiple HTML-only chat rooms to your site,
transforming your web site or intranet into a dynamic and
successful online community comprised of customers, users,
suppliers or employees.


AFFECTED PRODUCTS
=================
Adventia Chat 3.1
Chat Server Pro 3.0
http://www.adventia.com/


DETAILS
=======
Adventia Chat has HTML code enabled by default, allowing all static
and remote XSS to be inserted in the chat space. This causes XSS in all
chat users browsers. ( including cookie theft and session spooofing )
As well, the entered text is of a persistant nature, allowing for
exploitation after the attacker has left the chat application.
This could also be used as an attack vector for "pushing" code
to exploit users using the latest browser exploits.



SOLUTION
========
none
1st contact: March 16, 2005 ( no reply )



PROOF OF CONCEPT
================
none ( just enter any xss style text )
demo url: http://www.adventia.com/cgi-bin/chatpro/login.asp


CREDITS
=======
This vulnerability was discovered and researched by 
Donnie Werner of exploitlabs


web: http://exploitlabs.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ