Info
Last Modified: 5 months ago

Description
Novell NetWare Enterprise Web Server / GroupWise WebAccess contains a flaw that allows a remote cross-site scripting (XSS) attack. The flaw exists because the application does not validate or encode the 'User.id' and 'GWAP.version' parameters before reflecting them into the page returned by the 'webacc' utility. An attacker can craft a URL carrying script in either parameter; when a victim follows it, the script executes in the victim's browser within the trust relationship between the browser and the server (that is, in the context of the victim's WebAccess session), leading to a loss of integrity.

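The following is an added example written for this entry; it is not code from Novell, from GroupWise, or from the original advisory. It models the behaviour described above with two constructed stand-in handlers for 'webacc' (one that echoes 'User.id' and 'GWAP.version' verbatim, one that HTML-escapes them on output) and a probe routine that reports which parameter reflects a marker unencoded. The handler markup, the probe string, the sample host and the path '/servlet/webacc' are assumptions for illustration, not taken from GroupWise.

```python
"""Reflected-XSS probe for 'User.id' / 'GWAP.version', with a vulnerable and a
hardened stand-in for the 'webacc' page.

Added example for this entry.  The two handlers are constructed models of the
behaviour the advisory describes; they are not GroupWise WebAccess code and do
not reproduce its real page layout.
"""
import html
from urllib.parse import parse_qs, urlencode

# Parameters the advisory names as unvalidated.
SUSPECT_PARAMS = ("User.id", "GWAP.version")

# Harmless marker that survives byte-for-byte only if the page reflects the
# parameter without HTML-encoding '<', '>' and '"'.
PROBE = '"><svg/onload=alert(1)>'

# Assumed example endpoint; not taken from the advisory.
EXAMPLE_BASE = "http://gw.example.test/servlet/webacc"


def vulnerable_webacc(query: str) -> str:
    """Constructed stand-in: copies both parameters into HTML verbatim."""
    params = parse_qs(query, keep_blank_values=True)
    user_id = params.get("User.id", [""])[0]
    version = params.get("GWAP.version", [""])[0]
    return (
        "<html><body>"
        f'<input name="User.id" value="{user_id}">'
        f"<span>GWAP.version: {version}</span>"
        "</body></html>"
    )


def fixed_webacc(query: str) -> str:
    """Constructed stand-in for the corrected behaviour: HTML-escape on output,
    including quotes, so the value can neither close the attribute nor open a tag."""
    params = parse_qs(query, keep_blank_values=True)
    user_id = html.escape(params.get("User.id", [""])[0], quote=True)
    version = html.escape(params.get("GWAP.version", [""])[0], quote=True)
    return (
        "<html><body>"
        f'<input name="User.id" value="{user_id}">'
        f"<span>GWAP.version: {version}</span>"
        "</body></html>"
    )


def build_query(target: str) -> str:
    """Query string with benign values for every suspect parameter and the
    probe placed in `target` only, so a finding is attributable to one name."""
    values = {"User.id": "john", "GWAP.version": "1"}
    values[target] = PROBE
    return urlencode(values)  # percent-encodes the probe; the server decodes it


def build_probe_url(base: str, target: str) -> str:
    """The crafted URL an attacker would hand to a victim (base is assumed)."""
    return f"{base}?{build_query(target)}"


def reflected_unescaped(body: str, probe: str = PROBE) -> bool:
    """True if the probe appears unmodified in the response.  An encoded
    reflection (e.g. '&lt;svg') does not count as a finding."""
    return probe in body


def probe_params(handler, params=SUSPECT_PARAMS) -> dict:
    """Send the probe in each parameter separately and record which ones are
    reflected unescaped.  `handler` takes a query string and returns HTML."""
    return {name: reflected_unescaped(handler(build_query(name))) for name in params}


if __name__ == "__main__":
    print("crafted URL:", build_probe_url(EXAMPLE_BASE, "User.id"))
    print("vulnerable:", probe_params(vulnerable_webacc))
    print("fixed:     ", probe_params(fixed_webacc))
```

Against a live instance the same probe_params() logic applies with a handler that performs the HTTP request and returns the body; the point of the per-parameter loop is that each finding names exactly one unencoded parameter, which is what a fix verification after applying the support pack needs.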
Classification
Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
OSVDB: Web Related

Technical
From Novell:
Novell has reviewed Secunia Security Advisory SA10713 and has concluded that although a user can indeed embed scripts into a page returned by WebAccess via the method suggested, this approach does not provide a path for accessing information outside of that user's account. So although it may have the appearance that malicious script activity can occur, some other method is required to get in to another user's account before this scripting method can be used. For example, unless user "John" has another method for accessing someone else's account, the only account that can be maliciously "attacked" via embedded scripts is John's own account, and any actions will be isolated to his own information.

Solution
Upgrade to CSP 8 for NetWare 5.1 or CSP 5 for NetWare 6.0 (or later), which are reported to fix this vulnerability. An upgrade is required; no workaround is known.

Products
NetWare Enterprise Web Server: 5.1, 6.0

Credit
- Rafel Ivgi (theinsider), 012.net.il personal page