Информационная безопасность
[RU] switch to English


Дополнительная информация

  Очередное ежеквартальное обновление безопасности Oracle

  Hacktics Advisory Feb09: XSS in Oracle E-Business Suite

  Team SHATTER Security Advisory: Buffer Overflow in Resource Manager of Oracle Database - Plan name parameter

  Oracle 11g (11.1.0.6) Password Policy and Compliance

  Bypassing DBMS_ASSERT in certain situations

From:DSecRG <research_(at)_dsecrg.com>
Date:16 июля 2009 г.
Subject:[DSECRG-09-025] Oracle Secure Enterprise Search 10.1.8 Linked XSS vulnerability



Digital Security Research Group [DSecRG] Advisory    #DSECRG-09-025

http://dsecrg.com/pages/vul/show.php?id=125

Application:                    Oracle Secure Enterprise Search (SES)
Versions Affected:              Oracle Secure Enterprise Search (SES) version 10.1.8.2.0  
Vendor URL:                     http://www.oracle.com
Bugs:                           XSS
Exploits:                       YES
Reported:                       21.01.2009
Vendor response:                23.01.2009
Date of Public Advisory:        16.07.2009
CVE:                            CVE-2009-1968
Description:                    XSS IN search query                             
Author:                         Alexandr Polyakov
                               Digital Security Reasearch Group [DSecRG] (research [at] dsecrg [dot] com)


Description
***********

Linked XSS vulnerability found "search" script of Oracle Secure Enterprise Search (SES).  



Details
*******


Vulnerability found  In page /search/query/search. Vulnerable parameter search_p_groups.

Example
*******

http://[localhost]:7777/search/query/search?search.
timezone=&search_p_groups="'><IMG%20SRC=javascript:
alert(document.cookie)>&q=1234&btnSearch=Search


Attacker can send evil link to logged in administrator, get adminiatrators cookie access to system with Administrator rights



Fix Information
***************


Information was published in CPU July 2009.
All customers can download CPU petches following instructions from:

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul200
9.html


Original advisory:
http://dsecrg.com/pages/vul/show.php?id=125

Credits
*******
Oracle give a credits for Alexandr Polyakov from Digital Security Company in CPU July 2009.

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul200
9.html




About
*****
Digital Security is one of the leading IT security companies in CEMEA, providing information security consulting, audit and
penetration testing services, risk analysis and ISMS-related services and certification for ISO/IEC 27001:2005 and PCI DSS
standards. Digital Security Research Group focuses on application and database security problems with vulnerability reports,
advisories and whitepapers posted regularly on our website.


Contact:        research [at] dsecrg [dot] com
               http://www.dsecrg.com




Polyakov Alexandr
Chief Information Security Analyst
______________________

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород