Message-ID: <6886de5a0908240246x3d2a5ffao6a36f05acf2e3752@mail.gmail.com>
Date: Mon, 24 Aug 2009 11:46:59 +0200
From: Francesco Bianchino <f.bianchino@...il.com>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk, 
	vuln@...unia.com
Subject: Radvision's Scopia Cross Site Scripting
	Vulnerabilities

Radvision's Scopia Cross Site Scripting Vulnerabilities

***********************************************************************

Author: Francesco Bianchino
Contact: f.bianchino at gmail dot com

Product: Radvision's Scopia
Version: 5.7
Vendor Site: http://www.radvision.com
Product Support Page: http://www.radvision.com/Support/SCOPIA-57-Support/

***********************************************************************

Summary

Radvision's Scopia provides a solution for voice and video collaborative communications.

***********************************************************************

Vulnerability Detail

The web-based interface is exposed to a cross-site scripting (XSS) attack: the index.jsp page does not check the user's input, so arbitrary code can be injected through the page parameters.

An attacker can steal a user's cookie or other data by sending a maliciously crafted URL to an authenticated user.

***********************************************************************

PoC

http://www.example.com/scopia/entry/index.jsp?page=play%3c%2fsCrIpT%3e%3csCrIpT%3ealert("document.cookie")%3c%2fsCrIpT%3e
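
As an added example that is not part of the advisory, the Python below scans constructed web-server access-log lines for requests of the shape shown in the PoC (percent-encoded, mixed-case script markup in a query parameter of index.jsp) and shows the output encoding that would have rendered the reflected parameter inert. The log lines, the detection pattern and the escaping helper are assumptions of this example, not Radvision's fix.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (not from the advisory). The first request carries a
# percent-encoded, mixed-case <script> payload in the page parameter of index.jsp,
# the shape the PoC describes; the other two are ordinary requests.
SAMPLE_LOG = """\
10.0.0.5 - - [24/Aug/2009:11:46:59 +0200] "GET /scopia/entry/index.jsp?page=play%3c%2fsCrIpT%3e%3csCrIpT%3ealert(%22document.cookie%22)%3c%2fsCrIpT%3e HTTP/1.1" 200 4312
10.0.0.7 - - [24/Aug/2009:11:47:03 +0200] "GET /scopia/entry/index.jsp?page=play HTTP/1.1" 200 4310
10.0.0.9 - - [24/Aug/2009:11:47:10 +0200] "GET /scopia/entry/index.jsp?page=play&lang=en HTTP/1.1" 200 4310
"""

# Request line inside a Common Log Format entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Script markup to look for *after* decoding; case-insensitive so sCrIpT is caught too.
SCRIPT_RE = re.compile(r"<\s*/?\s*script\b|javascript:|\bon\w+\s*=", re.IGNORECASE)


def decoded_params(target):
    """Percent-decode the query string once, as the servlet container does before
    handing values to the JSP, so encoded payloads collapse to plain markup."""
    return parse_qs(urlsplit(target).query, keep_blank_values=True)


def find_script_injection(log_text):
    """Return (client_ip, parameter, decoded_value) for every request whose query
    parameters contain script markup."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        client_ip = line.split(" ", 1)[0]
        for name, values in decoded_params(match.group("target")).items():
            for value in values:
                if SCRIPT_RE.search(value):
                    hits.append((client_ip, name, value))
    return hits


def render_page_param(value):
    """Server-side fix: HTML-escape the parameter before reflecting it into the page
    body, so injected markup is displayed as text instead of being executed."""
    return html.escape(value, quote=True)


if __name__ == "__main__":
    for client_ip, name, value in find_script_injection(SAMPLE_LOG):
        print(f"{client_ip}: script markup in '{name}' -> {value!r}")
        print("  escaped for HTML body:", render_page_param(value))
```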

***********************************************************************

Solution

Radvision has fixed the issue in SD 7.0.100 and later versions.

***********************************************************************

Credits

Discovered and reported to Radvision in August 2009 by Francesco Bianchino.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
