SAP Web Application Server Error Page XSS

2005-11-09T07:47:33
ID OSVDB:20715
Type osvdb
Reporter Leandro Meiners(lmeiners@cybsec.com)
Modified 2005-11-09T07:47:33

Description

Vulnerability Description

SAP Web Application Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user input when returning with an error page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

SAP AG. has released a patch to address this vulnerability. Contact their technical support for further information.

Short Description

SAP Web Application Server contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user input when returning with an error page. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://sap-was/sap/bc/BSp/sap/index.html[XSS]

References:

Vendor URL: http://www.sap.com/ Security Tracker: 1015174 Secunia Advisory ID:17515 Related OSVDB ID: 20714 Related OSVDB ID: 20716 Related OSVDB ID: 20717 Other Advisory URL: http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Multiple_XSS_in_SAP_WAS.pdf Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0218.html FrSIRT Advisory: ADV-2005-2361 CVE-2005-3636 Bugtraq ID: 15361