Open Source and information security mailing list archives
Message-ID: <CAAnZqX_amfO_6WK9b+Qc+1D_cXn-RGTZenBaKcAPRCGu4ggDhQ@mail.gmail.com>
Date: Mon, 29 May 2017 13:24:43 +0300
From: Maor Shwartz <maors@...ondsecurity.com>
To: fulldisclosure@...lists.org
Subject: [FD] SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE

Link: https://blogs.securiteam.com/index.php/archives/3194


*Vulnerability Summary*
KEMP’s main product, the LoadMaster, is a load balancer built on its own
proprietary software platform, LMOS, which enables it to run on almost
any platform: as a KEMP LoadMaster hardware appliance, or as a Virtual
LoadMaster (VLM) deployed on Hyper-V, VMWare, on bare metal or in the
public cloud. KEMP is available in Azure, where it is among the top 15
deployed applications, as well as in AWS and VMWare vCloud Air.

A cross-site scripting (XSS) web vulnerability has been discovered in KEMP
LoadMaster v7.135.0.13245 (latest). An unauthenticated user is able to
inject malicious JavaScript code into the system and use it to create a
new web administrator user.


*Vendor response*
We were unable to get an update beyond this statement from the vendor:
"Expect a fix in our new version available Jan 2017."

--
Thanks
Maor Shwartz
GPG Key ID: 93CC36E2DE7FF514

Download attachment "SSD Advisory – KEMP LoadMaster from XSS Pre Authentication to RCE – SecuriTeam Blogs.pdf" of type "application/pdf" (219787 bytes)


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
