Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Novell Groupwise Cross Site Scripting

Related Vulnerabilities: CVE-2009-1635  
Publish Date: 22 May 2009
Author: sasquatch, leroy, securestate.com
Source 
                Novell GroupWise Web Access Multiple XSS
  /============================================\
 /~ SecureState R&D Team - leroy and sasquatch ~\
/~  Discovered: 11-24-08, 03-05-09              ~\
\~  Vendor Notified:  01-06-09, 03-05-09        ~/
 \~ Vendor Publication:  05-21-09              ~/
  \============================================/


   /------------------------------------------------------------------------------------------------\
  /~ Novell's Groupwise WebAccess login page is vulnerable to several cross-site scripting attacks. ~\
 /~                                                                                                  ~\
<    Example URL: https://www.website.com/gw/webacc                                                    >
 \~                                                                                                  ~/
  \~ An attempt to deter the attack is made in that <script> tags are replaced with <!-- pt>        ~/
   \------------------------------------------------------------------------------------------------/


|--------------------------------------------------------------|
| Vulnerable Fields: GWAP.version, User.Theme.index, User.lang |
| Vulnerable Versions: 7.0.1, 7.0.3, ?                         |
|--------------------------------------------------------------|
| Vulnerable Fields: User.Lang                                 |
| Vulnerable Versions: 8.0, ?                                  |
|--------------------------------------------------------------|


|------------------------------------------------------------------------------|
| Phishing via URL Redirection:                                                |
| "/><meta http-equiv="refresh" content="0; url=http://www.securestate.com" /> |
|------------------------------------------------------------------------------|
| JavaScript Execution Proof of Concept:                                       |
| " /><div onmouseover="alert('xss')" style="javascript:visibility:visible;">  |
|------------------------------------------------------------------------------|


|--------------------------------------------------------------------------------|
| Fix Info -->  Technical Information Document 7003271                           |
|                                                                                |
| http://www.novell.com/support/search.do?usemicrosite=true&searchString=7003271 |
|--------------------------------------------------------------------------------|
| Version 7 --> 7.03 Hot Patch 2                                                 |
| Fixes vulnerable fields: GWAP.version, User.Theme, but not User.lang           |
|--------------------------------------------------------------------------------|
| Version 8 (CVE-2009-1635)                                                      |
|--------------------------------------------------------------------------------|
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started