发布时间 :2005-07-11 00:00:00
修订时间 :2016-10-17 23:25:47

[原文]Cross-site scripting (XSS) vulnerability in Computer Associates (CA) eTrust SiteMinder 5.5, when the "CSSChecking" parameter is set to "NO," allows remote attackers to inject arbitrary web script or HTML via the (1) PASSWORD or (2) BUFFER parameters to smpwservicescgi.exe, (3) the TARGET parameter to login.fcc, and possibly other vectors.

[CNNVD]CA eTrustSiteMinder 多个 跨站脚本攻击漏洞(CNNVD-200507-080)

        Computer Associates eTrust Site是CA公司的Web安全基础设施解决方案。
        eTrust SiteMinder 5.5中存在跨站脚本攻击漏洞。

- CVSS (基础分值)

CVSS分值: 4.3 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20050708 SiteMinder Multiple Vulnerabilities
(UNKNOWN)  BUGTRAQ  20050711 Re: SiteMinder Multiple Vulnerabilities
(UNKNOWN)  VUPEN  ADV-2005-1040
(UNKNOWN)  XF  ca-siteminder-smpwservicescgi-xss(21305)

- 漏洞信息

CA eTrustSiteMinder 多个 跨站脚本攻击漏洞
中危 跨站脚本
2005-07-11 00:00:00 2005-10-20 00:00:00
        Computer Associates eTrust Site是CA公司的Web安全基础设施解决方案。
        eTrust SiteMinder 5.5中存在跨站脚本攻击漏洞。

- 公告与补丁


- 漏洞信息

CA eTrust SiteMinder smpwservicescgi.exe PASSWORD Parameter XSS
Remote / Network Access Input Manipulation
Loss of Integrity Workaround
Exploit Public Vendor Verified

- 漏洞描述

CA eTrust SiteMinder contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'PASSWORD' parameter, when the 'CSSChecking' parameter is set to "NO", upon submission to the smpwservicescgi.exe script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

- 时间线

2005-07-08 Unknow
2005-07-08 2002-10-01

- 解决方案

Currently, there are no known upgrades or patches to correct this vulnerability. It is possible to temporarily work around the flaw by implementing the following workaround: Make sure the 'CSSChecking' parameter has not been set to "NO".

- 相关参考

- 漏洞作者

Unknown or Incomplete