Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities

From: robkraus () solutionary com
Date: 15 Feb 2011 18:56:03 -0000
Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities

Solutionary ID: SERT-VDN-1003

Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-XSS.html

CVE ID: Pending 

Product: Tembria Server Monitor 

Application Vendor: Tembria 

Vendor URL: http://www.tembria.com/products/servermonitor/index.html 

Date discovered: 1/22/2011 

Discovered by: Rob Kraus, Jose Hernandez, and Solutionary 
Engineering Research Team (SERT) 

Vendor notification date: 1/25/2011 

Vendor response date: 1/25/2011 

Vendor acknowledgment date: 1/25/2011 

Public disclosure date: 2/14/2011

Type of vulnerability: Cross-Site Scripting (XSS) - Reflected

Exploit Vectors: Local and Remote

Vulnerability Description: The Web application management interface of Server Monitor contains multiple injection 
points, which allow for execution of Cross-site Scripting (XSS) attacks. Arbitrary client side code such as JavaScript 
can be included into certain parameters throughout the Web application. The following parameters and Web pages have 
been tested and verified; however, it is likely more views and parameters within the application are vulnerable: 

event-history.asp (siteid, type) parameter 
admin-history.asp (siteid, type) parameters 
dashboard-view.asp (siteid, id) parameters 
device-events.asp (siteid, dn) parameters 
device-finder.asp (siteid, submit) parameters 
device-list.asp (siteid, action, sel) parameters 
device-monitors.asp (siteid, dn) parameters 
device-views.asp (siteid, type) parameters 
logbook.asp (siteid) parameter 
monitor-events.asp (siteid) parameter 
monitor-list.asp (siteid, action, sel) parameters 
monitor-views.asp (siteid, type) parameters 
reports-config-by-device.asp (siteid) parameter 
reports-config-by-monitor.asp (siteid) parameter 
reports-list.asp (siteid, sel) parameters 
reports-monitoring-queue.asp (siteid) parameter
site-list.asp (action) parameter 

Tested on: Windows XP, SP3, with Tembria Server Monitor v6.0.4 - Build 2229 default installation. 

Affected software versions: Tembria Server Monitor v6.0.4 - Build 2229 (previous versions may also be vulnerable)

Impact: Successful attacks could disclose sensitive information about the user, session, and application to the 
attacker, resulting in a loss of confidentiality. Using XSS, an attacker could insert malicious code into a web page 
and entice naïve users to execute the malicious code.

Fixed in: Tembria Server Monitor v6.0.5 - Build 2252

Remediation guidelines: The vendor has created a fix for the vulnerabilities identified. Please update to version 6.0.5 
- Build 2252 or newer.
Previous By Date Next
Previous By Thread Next

Current thread: