Full Disclosure mailing list archives

Trivial XSS in www.cryptocard.com Search function


From: "Nobody Jones" <m_u_d_i_t_a () hotmail com>
Date: Mon, 21 Jun 2004 21:43:22 +0000

Vendor: CRYPTOcard Corp.
Product: Search functionality on www.cryptocard.com
Tested on: Win XP SP1 IE 6.0
Discovery: Author
Risk: Medium severity
Title: Trivial XSS in www.cryptocard.com Search function

..............................................

Background Information
----------------------
CRYPTOCard is a privately owned company that develops and markets network security technology, chiefly hardware and software authentication tokens.

CRYPTOCard is a small company, formed in 1989, whose customers over the years have included Fujitsu; Wijs En Van Oostveen, Amsterdam; Mercy Health, Ohio; the Canadian Space Agency, Ottawa; State Employees Credit Union, Michigan; Rothschild Bank, Zurich; and others.


Description
-----------
The search function of the web site http://www.cryptocard.com does not encode user-supplied input before echoing it back into the results page, which allows reflected cross-site scripting (XSS). A remote attacker who lures a visitor into following a crafted search link can run arbitrary script in that visitor's browser in the context of the www.cryptocard.com origin, for example to read cookies set by the site, rewrite page content, or present a phishing form under the vendor's domain. The flaw does not by itself give code execution on the server or access to back-end systems; its impact is limited to what the site entrusts to the browser.

Malformed search input also provokes server error messages that may be useful for further reconnaissance.

Proof of Concept
----------------
Entering the following string into the search box on the corporate web site causes a JavaScript alert box to be displayed, confirming that the input is reflected unescaped into the page:
<script>alert('XSS vulnerability')</script>
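The pattern behind this finding, as an added illustration that is not part of the advisory and does not show the vendor's actual code: a search page that echoes the query parameter straight into its HTML, next to a half fix (escaping tags but not quotes, which still leaves the attribute context open) and a hardened version. The page template, the parameter name q, and the check functions are assumptions for illustration; the first payload is the one from the proof of concept above, the second is a constructed attribute-breakout payload.

```python
"""
Added example, not from the advisory or the vendor. A constructed stand-in
for a search page that reflects the query, in three variants:
vulnerable, partially fixed, and hardened. The template, the parameter
name "q" and the helper names are assumptions made for this illustration.
"""
import html
import re
from urllib.parse import parse_qs, quote

# Payload quoted in the advisory's proof of concept.
POC_PAYLOAD = "<script>alert('XSS vulnerability')</script>"
# Constructed payload that breaks out of a double-quoted attribute value
# without using any angle brackets at all.
ATTR_PAYLOAD = '" autofocus onfocus="alert(1)'

POC_QUERY = "q=" + quote(POC_PAYLOAD)
ATTR_QUERY = "q=" + quote(ATTR_PAYLOAD)

# Hypothetical results page: the query lands in two contexts, element
# text and a double-quoted attribute value. Not the vendor's markup.
TEMPLATE = (
    "<html><body>\n"
    "<h1>Search results</h1>\n"
    "<p>You searched for: {query}</p>\n"
    '<input type="text" name="q" value="{attr}">\n'
    "</body></html>\n"
)

SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)
EVENT_HANDLER = re.compile(r'\son[a-z]+\s*=\s*"', re.IGNORECASE)


def _query_param(query_string: str) -> str:
    """Pull the decoded 'q' parameter out of a URL query string."""
    return parse_qs(query_string).get("q", [""])[0]


def render_search_vulnerable(query_string: str) -> str:
    """Reflect the query verbatim: the class of bug the advisory describes."""
    q = _query_param(query_string)
    return TEMPLATE.format(query=q, attr=q)


def render_search_partial(query_string: str) -> str:
    """Escape only & < >. Stops the <script> payload but not the attribute breakout."""
    q = html.escape(_query_param(query_string), quote=False)
    return TEMPLATE.format(query=q, attr=q)


def render_search_hardened(query_string: str) -> str:
    """Escape & < > " and ' so the value is inert in both contexts it lands in."""
    q = html.escape(_query_param(query_string), quote=True)
    return TEMPLATE.format(query=q, attr=q)


def contains_live_script(page: str) -> bool:
    """True if the response carries a real <script opening tag (not &lt;script)."""
    return SCRIPT_TAG.search(page) is not None


def contains_event_handler(page: str) -> bool:
    """True if an on*= handler attribute appears, i.e. an attribute breakout succeeded."""
    return EVENT_HANDLER.search(page) is not None


def is_reflected_unsafely(page: str) -> bool:
    """Combined check a tester would run against a captured response."""
    return contains_live_script(page) or contains_event_handler(page)


if __name__ == "__main__":
    for name, render in (("vulnerable", render_search_vulnerable),
                         ("partial", render_search_partial),
                         ("hardened", render_search_hardened)):
        for label, qs in (("script", POC_QUERY), ("attribute", ATTR_QUERY)):
            page = render(qs)
            print(f"{name:10s} {label:9s} unsafe={is_reflected_unsafely(page)}")
```

The partial variant is the one to watch for in a fix: escaping angle brackets makes the advisory's alert box go away, so a retest that only replays the original payload reports the issue closed while the attribute context is still injectable. Retest with a quote-based payload as well, and verify the fix by reading the response body rather than by whether an alert fires in one browser.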

Contact information
-------------------
The author of this advisory can be contacted at m_u_d_i_t_a () hotmail com.

Disclaimer
-----------
The author of this advisory is not responsible for the misuse of the information contained herein. Any use of the information in this advisory is at the reader's own risk; the author accepts no liability for any damages that may occur.

Additional Information
----------------------
The vendor was informed of this issue on 1 June 2004. No response had been received as of this posting.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
