醉雨他乡游's Blog

Recording the little moments of life: joy and sorrow, memories and hopes, success and failure, the bitter and the sweet

 
 
 

OSVDB 120807 NetCat CMS 3.12 HTML Injection Web Security Vulnerabilities  

2015-06-14 15:57:20 | Category: HTML




Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Web Security Vulnerabilities

Product: NetCat CMS (Content Management System)

Vendor: NetCat

Vulnerable Versions: 3.12, 3.0, 2.4, 2.3, 2.2, 2.1, 2.0, 1.1

Tested Version: 3.12

Advisory Publication: April 15, 2015

Latest Update: April 15, 2015

Vulnerability Type: Improper Input Validation [CWE-20]

CVE Reference: *

OSVDB Reference: 120807

CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification

Discoverer and Reporter: Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. (@justqdjing)








Advisory Details:



(1) Vendor & Product Description:




Vendor:

NetCat




Product & Vulnerable Version:

NetCat

3.12, 3.0, 2.4, 2.3, 2.2, 2.1, 2.0, 1.1




Vendor URL & Download:

NetCat can be downloaded from:

http://netcat.ru/





Product Introduction Overview:

NetCat.ru is a Russian company. "NetCat designed to create an absolute majority of the types of sites: from simple "business card" with a minimum content to complex web-based systems, from corporate offices to online stores, libraries or media data - in other words, projects completely different directions and at any level of complexity. View examples of sites running on NetCat CMS can be in a special section."


"Manage the site on the basis of NetCat can even inexperienced user, because it does not require knowledge of Internet technologies, programming and markup languages. NetCat constantly improving, adds new features. In the process of finalizing necessarily take into account the wishes of our partners and clients, as well as trends in Internet development. More than 2,000 studios and private web developers have chosen for their projects is NetCat, and in 2013 sites, successfully working on our CMS, created more than 18,000."








(2) Vulnerability Details:

The NetCat web application has a security flaw that can be exploited through HTML injection. Hypertext Markup Language (HTML) injection, sometimes also called virtual defacement, is an attack on a user made possible by an injection vulnerability in a web application. When an application does not properly handle user-supplied data, an attacker can supply valid HTML, typically via a parameter value, and inject their own content into the page. The attack is typically combined with some form of social engineering, because it exploits both a code-based vulnerability and a user's trust.


Several 0-day vulnerabilities in NetCat products have been found by other researchers before, and NetCat has patched some of them. Web Security Watch is an aggregator of security reports coming from various sources. It aims to provide a single point of tracking for all publicly disclosed security issues that matter. "Its unique tagging system enables you to see a relevant set of tags associated with each security alert for a quick overview of the affected products. What's more, you can now subscribe to an RSS feed containing the specific tags that you are interested in - you will then only receive alerts related to those tags." It has published suggestions, advisories and solution details related to cyber security vulnerabilities.







(2.1) The code flaw occurs in the "/catalog/search.php?" page, in the "&q" parameter.
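
As an added illustration (not NetCat's code and not part of the original advisory), the PHP below shows the general pattern behind a reflected search parameter such as `q` next to its output-encoded counterpart. The function names, markup and sample value are hypothetical and constructed for this example.

```php
<?php
// Added example: a hypothetical search-results renderer, not NetCat's source.

// Vulnerable pattern: q is concatenated into markup unchanged, so any
// tags it carries become part of the page the user sees.
function render_results_unsafe(string $q): string
{
    return '<h2>Results for: ' . $q . '</h2>' . "\n"
         . '<input type="text" name="q" value="' . $q . '">';
}

// Encode for the HTML context at output time. ENT_QUOTES encodes both
// quote styles so the value cannot close an attribute; ENT_SUBSTITUTE
// replaces invalid UTF-8 instead of returning an empty string.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Read q defensively: ?q[]=x makes $_GET['q'] an array, not a string.
function query_param(array $get, string $name): string
{
    $v = $get[$name] ?? '';
    return is_string($v) ? $v : '';
}

// Hardened pattern: same markup, but every use of q is encoded.
function render_results_safe(string $q): string
{
    return '<h2>Results for: ' . h($q) . '</h2>' . "\n"
         . '<input type="text" name="q" value="' . h($q) . '">';
}

// Constructed sample request: harmless markup standing in for injected content.
$get = ['q' => '"><h1>injected heading</h1>'];
$q   = query_param($get, 'q');

echo "--- unsafe ---\n", render_results_unsafe($q), "\n";
echo "--- safe ---\n",   render_results_safe($q), "\n";
```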


















