lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAME7qXXM705CFZ4y5LCjRiHdMbCUq5m0sP7G6v-D0Boa+wSvsA@mail.gmail.com>
Date: Wed, 9 Sep 2015 21:12:06 +0300
From: Uğur Cihan KOÇ <u.cihan.koc@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Nokia Solutions and Networks @vantage - Multiple Reflected XSS

Document Title:
==============
Nokia Solutions and Networks @vantage - Multiple Reflected XSS

Release Date:
============
9 Sep 2015

Abstract Advisory Information:
=============================
Ugur Cihan Koc discovered twentySeven Reflected XSS
vulnerability in Nokia NSN @vantage

Vulnerability Disclosure Timeline:
=================================
24 July 2015    Bug reported to the vendor.
28 July 2015    Asked about the case.
8 Sep    2015    End of support for this product, reported by the vendor

Discovery Status:
================
Published

Affected Product(s):
===================
Nokia NSN @vantage

Exploitation Technique:
======================
Local, Authenticated

Severity Level:
==============
Medium

Technical Details & Description:
===============================
Affected Path/Parameter[27] :

/cftraces/filter/fl_copy.jsp
    idFilter
    nameFilter
/cftraces/filter/fl_crea1.jsp
    flName
/cftraces/process/pr_show_process.jsp
    serchStatus
    refreshTime
    serchNode
/cftraces/session/se_crea.jsp
    MaxActivationTime
    NumberOfBytes
    NumberOfTracefiles
    SessionName
    serchSessionkind
/cftraces/session/se_show.jsp
    serchSessionDescription
/cftraces/session/tr_crea_filter.jsp
    serchApplication
    serchApplicationkind
/cftraces/session/tr_create_tagg_para.jsp
    columKeyUnique
    columParameter
    componentName
    criteria1
    criteria2
    criteria3
    description
    filter
    id
    pathName
    tableName
    component
/home/certificate_association.jsp
    userid

Proof of Concept (PoC):
======================
Proof of Concept
https://drive.google.com/open?id=0B-LWHbwdK3P9eTNKRkdDWGpkN2M

Solution Fix & Patch:
====================
There aren't any fix for the issue. [End of Support]

Security Risk:
=============
The risk of the vulnerability above estimated as medium.

Credits & Authors:
=================
Ugur Cihan Koc(@_uceka_)
Blog: www.uceka.com

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists