CVE-2003-0002
CVSS 6.8
Published: 2003-02-07 00:00:00
Last modified: 2016-10-17 22:28:11

[Original] Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.


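[CNNVD] Microsoft Content Management Server cross-site scripting vulnerability (MS03-002) (CNNVD-200302-003)

Microsoft Content Management Server 2001 (MSCMS) is an enterprise-grade web content management system used to build, deploy, and maintain corporate Internet, intranet, and extranet web environments.
Microsoft Content Management Server does not adequately filter user-supplied input. A remote attacker can exploit this vulnerability by constructing a malicious link and enticing a user to click it, which can lead to information disclosure.
When some MSCMS scripts build a response page that relies on user-supplied values, they do not adequately filter the submitted input. When the target user clicks the generated link, the malicious code it contains executes in the user's browser, where it can steal private information such as cookie-based authentication credentials, or carry out other malicious activity.
This vulnerability may be the same as the one described in 'NSFOCUS bug_id 3646 ( http://www.nsfocus.net/index.php?act=sec_bug&do=view&bug_id=3646 )'.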
        

- CVSS (base score)

CVSS score: 6.8 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (affected platforms and products)

cpe:/a:microsoft:content_management_server:2001  Microsoft content_management_server 2001
cpe:/a:microsoft:content_management_server:2001:sp1  Microsoft content_management_server 2001 sp1

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0002
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0002
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200302-003
(Official data source) CNNVD

- Other links and resources

http://marc.info/?l=bugtraq&m=103417794800719&w=2
(UNKNOWN)  BUGTRAQ  20021007 CSS on Microsoft Content Management Server
http://www.iss.net/security_center/static/10318.php
(VENDOR_ADVISORY)  XF  mcms-manuallogin-reasontxt-xss (10318)
http://www.microsoft.com/technet/security/bulletin/ms03-002.asp
(VENDOR_ADVISORY)  MS  MS03-002
http://www.securityfocus.com/bid/5922
(UNKNOWN)  BID  5922

- Vulnerability information

Microsoft Content Management Server cross-site scripting vulnerability (MS03-002)
Medium risk  Input validation
2003-02-07 00:00:00 2005-05-13 00:00:00
Remote
        
        

- Advisories and patches

Vendor patch:
Microsoft
---------
Microsoft has released a security bulletin (MS03-002) and a corresponding patch for this issue:
MS03-002: Cumulative Patch for Microsoft Content Management Server (810487)
Link:
http://www.microsoft.com/technet/security/bulletin/MS03-002.asp

Patch download:
 * Microsoft Content Management Server 2001:

http://download.microsoft.com/download/5/9/3/5936344a-480c-4343-bcea-b3f6aa25fa23/mcms2001srp2.exe

- Vulnerability information (21920)

Microsoft Content Management Server 2001 Cross-Site Scripting Vulnerability (EDBID:21920)
asp webapps
2002-10-09 Verified
0 overclocking_a_la_abuela
N/A [Click to download]
source: http://www.securityfocus.com/bid/5922/info

Microsoft Content Management Server 2001 is reported to be prone to cross-site scripting attacks.

An attacker could construct a malicious link to a vulnerable host that contains arbitrary HTML and script code. If this link is visited by a web user, the attacker-supplied code will be rendered in their browser, in the security context of the vulnerable site.

http://www.example.com/NR/System/Access/ManualLogin.asp?
REASONTXT=<script>alert(document.cookie);window.open
("http://attacker.site.example.com");</SCRIPT>		
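
Added example (not part of the original advisory or exploit entry): a log check a defender could run to find requests that place markup in the REASONTXT parameter of ManualLogin.asp, including double-encoded values. The log layout, sample lines and function names are constructed for illustration; it assumes IIS W3C logging with the fields in the order shown.

```python
import re
from urllib.parse import parse_qsl, unquote

# Constructed IIS W3C-style sample; field order is an assumption of this example.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2003-01-20 10:01:12 192.0.2.10 GET /NR/System/Access/ManualLogin.asp REASONTXT=Session+expired 200
2003-01-20 10:02:40 192.0.2.77 GET /NR/System/Access/ManualLogin.asp REASONTXT=%3Cscript%3Ealert(document.cookie)%3C/SCRIPT%3E 200
2003-01-20 10:03:05 192.0.2.78 GET /nr/system/access/manuallogin.asp reasontxt=%253Cscript%253Ealert(document.cookie)%253C/script%253E 200
2003-01-20 10:04:00 192.0.2.11 GET /default.asp q=%3Cb%3E 200
"""

TARGET_STEM = "/manuallogin.asp"   # script named in the CVE description
TARGET_PARAM = "reasontxt"         # parameter named in the CVE description
MARKUP = re.compile(r"[<>]")       # a plain reason text has no need for angle brackets

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so double-encoded markup is still seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(log_text):
    """Return (client_ip, decoded_value) for REASONTXT values carrying markup."""
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 7:
            continue
        client_ip, stem, query = fields[2], fields[4], fields[5]
        if not stem.lower().endswith(TARGET_STEM):
            continue
        # ASP matches query-string names case-insensitively, so compare lowercased.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name.lower() == TARGET_PARAM:
                decoded = fully_decode(value)
                if MARKUP.search(decoded):
                    hits.append((client_ip, decoded))
    return hits

if __name__ == "__main__":
    for ip, value in suspicious_requests(SAMPLE_LOG):
        print(ip, value)
```

A hit shows that a crafted link was requested, not that a patched server reflected it; correlate with the MS03-002 patch state of the host.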

- Vulnerability information

9207
Microsoft Content Management ManualLogin.asp REASONTXT Parameter XSS
Remote / Network Access Input Manipulation
Loss of Integrity

- Vulnerability description

Unknown or Incomplete

- Timeline

2002-10-07 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- References

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Microsoft Content Management Server Cross-Site Scripting Vulnerability
Input Validation Error 6668
Yes No
2003-01-22 12:00:00 2009-07-11 08:06:00
This issue was announced in a Microsoft Security Bulletin.

- Affected versions

Microsoft Content Management Server 2001 SP1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Terminal Server 4.0 SP6
- Microsoft Windows NT Terminal Server 4.0 SP5
- Microsoft Windows NT Terminal Server 4.0 SP4
- Microsoft Windows NT Terminal Server 4.0 SP3
- Microsoft Windows NT Terminal Server 4.0 SP2
- Microsoft Windows NT Terminal Server 4.0 SP1
- Microsoft Windows NT Terminal Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Content Management Server 2001
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server
- Microsoft Windows NT Enterprise Server 4.0 SP6a
- Microsoft Windows NT Enterprise Server 4.0 SP6
- Microsoft Windows NT Enterprise Server 4.0 SP5
- Microsoft Windows NT Enterprise Server 4.0 SP4
- Microsoft Windows NT Enterprise Server 4.0 SP3
- Microsoft Windows NT Enterprise Server 4.0 SP2
- Microsoft Windows NT Enterprise Server 4.0 SP1
- Microsoft Windows NT Enterprise Server 4.0
- Microsoft Windows NT Server 4.0 SP6a
- Microsoft Windows NT Server 4.0 SP6
- Microsoft Windows NT Server 4.0 SP5
- Microsoft Windows NT Server 4.0 SP4
- Microsoft Windows NT Server 4.0 SP3
- Microsoft Windows NT Server 4.0 SP2
- Microsoft Windows NT Server 4.0 SP1
- Microsoft Windows NT Server 4.0
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Content Management Server 2002

- Unaffected versions

Microsoft Content Management Server 2002

- Discussion

A vulnerability has been discovered in Microsoft Content Management Server (MCMS). Due to insufficient sanitization of user-supplied input, MCMS may be prone to cross-site scripting attacks. The issue occurs when constructing a response page which relies on various user-supplied values.

By constructing a malicious link an attacker may be able to trick an unsuspecting user into triggering this vulnerability. This could be used to steal a user's private information, such as cookie-based authentication credentials. Other attacks are also possible.

This issue may be the same vulnerability described in BID 5922.

- Exploit

No exploit is required.

- Solution

Microsoft has released a patch which addresses this issue. Users are advised to upgrade as soon as possible.


Microsoft Content Management Server 2001

Microsoft Content Management Server 2001 SP1

- References

 

 
