[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAFWG0-iyz1j5wsNKW_5tRYh5MYGyvWAwzFMrmErRXie3sUgT3Q@mail.gmail.com>
Date: Mon, 29 Dec 2014 11:11:18 +0800
From: Jing Wang <justqdjing@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] CVE-2014-7294 Ex Libris Patron Directory Services (PDS) Open
Redirect Security Vulnerability
*CVE-2014-7294 Ex Libris Patron Directory Services (PDS) Open Redirect
Security Vulnerability*
Exploit Title: Ex Libris Patron Directory Services (PDS) Logon Page url
Parameter Open Redirect
Product: Ex Libris Patron Directory Services (PDS)
Vendor: Ex Libris
Vulnerable Versions: 2.1 and probability prior
Tested Version: 2.1
Advisory Publication: DEC 29, 2014
Latest Update: DEC 29, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-7294
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
Credit: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]
*Advisory Details:*
*(1) Vendor URL:*
http://www.exlibrisgroup.org/display/CrossProductCC/PDS+OpenSSO+Integration
*Product Description:*
“Ex Libris is a leading worldwide developer and provider of
high-performance applications for libraries, information centres, and
researchers.”
“Patron Directory Services (PDS) module was provides a seamless single
sign-on (SSO) environment for all Ex Libris products. such as, Aleph,
Metalib, Primo, DigiTool, Rosetta …”
It is one of the largest library management system which used by large
numbers of universities and institutions.
*(2) Vulnerability Details:*
Ex Libris Patron Directory Services (PDS) can be exploited by Open Redirect
Attacks.
*(2.1) *The vulnerability occurs at “PDS” service’s logon page, with “&url”
parameter.
*References:*
http://tetraph.com/security/cves/cve-2014-7294-ex-libris-patron-directory-services-pds-open-redirect-security-vulnerability/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7294
--
Wang Jing
School of Physical and Mathematical Sciences (SPMS)
Nanyang Technological University (NTU), Singapore
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists