CVE-2002-0459
CVSS7.6
发布时间 :2002-08-12 00:00:00
修订时间 :2008-09-05 16:28:04
NMCOS    

[原文]Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter.


[CNNVD]Board-TNK web信息存在跨站脚本执行漏洞(CNNVD-200208-099)

        
        Linux-Sottises Board-TNK是一款由PHP实现的讨论公告板程序,运行Linux系统平台下。
        Linux-Sottises Board-TNK对用户输入过滤上存在漏洞,可使远程攻击者利用在论坛上发贴对其他浏览用户进行跨站脚本执行攻击。
        Linux-Sottises Board-TNK在当回贴或者建立主题时的"WEB"输入栏中的信息没有充分过滤,可导致攻击者在这栏的内容中放入脚本代码,当其他用户浏览相关此连接的时候,脚本将在用户的浏览器中执行。攻击者可能借此得到用户基于COOKIE的认证信息。
        

- CVSS (基础分值)

CVSS分值: 7.6 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:linux-sottises:news-tnk:1.2.1Linux-Sottises news-tnk 1.2.1
cpe:/a:linux-sottises:board-tnk:1.3Linux-Sottises board-tnk 1.3

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0459
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0459
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200208-099
(官方数据源) CNNVD

- 其它链接及资源

http://www.securityfocus.com/bid/4305
(VENDOR_ADVISORY)  BID  4305
http://www.iss.net/security_center/static/8475.php
(VENDOR_ADVISORY)  XF  boardtnk-web-css(8475)
http://www.securityfocus.com/archive/1/262694
(VENDOR_ADVISORY)  BUGTRAQ  20020316 [ARL02-A09] Board-TNK Cross Site Scripting Vulnerability
http://translate.google.com/translate?u=http%3A%2F%2Fwww.linux-sottises.net%2Findex.php%3Fnews_init%3D13%23newstag&langpair=fr%7Cen&hl=en&ie=UTF8&oe=UTF8&prev=%2Flanguage_tools
(UNKNOWN)  CONFIRM  http://translate.google.com/translate?u=http%3A%2F%2Fwww.linux-sottises.net%2Findex.php%3Fnews_init%3D13%23newstag&langpair=fr%7Cen&hl=en&ie=UTF8&oe=UTF8&prev=%2Flanguage_tools

- 漏洞信息

Board-TNK web信息存在跨站脚本执行漏洞
高危 输入验证
2002-08-12 00:00:00 2005-10-20 00:00:00
远程  
        
        Linux-Sottises Board-TNK是一款由PHP实现的讨论公告板程序,运行Linux系统平台下。
        Linux-Sottises Board-TNK对用户输入过滤上存在漏洞,可使远程攻击者利用在论坛上发贴对其他浏览用户进行跨站脚本执行攻击。
        Linux-Sottises Board-TNK在当回贴或者建立主题时的"WEB"输入栏中的信息没有充分过滤,可导致攻击者在这栏的内容中放入脚本代码,当其他用户浏览相关此连接的时候,脚本将在用户的浏览器中执行。攻击者可能借此得到用户基于COOKIE的认证信息。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 编辑"board.php"加入如下过滤代码:
        # Patch Start
        $web_post= strip_tags ($web_post);
        # Patch End
        厂商补丁:
        Linux-Sottises
        --------------
        目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
        Linux-Sottises news-tnk 1.2.1:
        Linux-Sottises Upgrade news-tnk_v1.2.2.tar.gz
        
        http://www.linux-sottises.net/software/news-tnk_v1.2.2.tar.gz

        Linux-Sottises board-tnk 1.3:
        Linux-Sottises Upgrade board-tnk_v1.3.1.tar.gz
        
        http://www.linux-sottises.net/software/board-tnk_v1.3.1.tar.gz

- 漏洞信息

9277
Board-TNK WEB Parameter XSS
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

Board-TNK contains a flaw that allows a persistent remote cross-site scripting attack via a POST request. This flaw exists because the application does not validate the 'WEB' parameter upon submission to the script used for replying and creating topics. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

- 时间线

2002-03-16 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.3.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Board-TNK Web Information Cross-Agent Scripting Vulnerability
Input Validation Error 4305
Yes No
2002-03-16 12:00:00 2009-07-11 11:56:00
Discovered by Ahmet Sabri ALPER <s_alper@hotmail.com>.

- 受影响的程序版本

Linux-Sottises news-tnk 1.2.1
Linux-Sottises board-tnk 1.3
Linux-Sottises news-tnk 1.2.2
Linux-Sottises board-tnk 1.3.1

- 不受影响的程序版本

Linux-Sottises news-tnk 1.2.2
Linux-Sottises board-tnk 1.3.1

- 漏洞讨论

Linux-Sottises Board-TNK is a PHP based discussion board. Originally developed for Linux, it may run on any platform supporting PHP and MySQL. A cross-agent scripting vulnerability has been reported in some versions of Board-TNK. User supplied input is not properly escaped when displayed as the Web information of a post, allowing inclusion of arbitrary script code.

- 漏洞利用

No exploit is required.

- 解决方案

Updates are available:


Linux-Sottises news-tnk 1.2.1

Linux-Sottises board-tnk 1.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站