Leadhound agent_links.pl Multiple Variable XSS

2006-04-18T03:45:32
ID OSVDB:25039
Type osvdb
Reporter r0t(krustevs@googlemail.com)
Modified 2006-04-18T03:45:32

Description

Vulnerability Description

Leadhound contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'login', 'logged', 'camp_id', 'banner' or 'offset' variables upon submission to the agent_links.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Leadhound contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'login', 'logged', 'camp_id', 'banner' or 'offset' variables upon submission to the agent_links.pl script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

/cgi-bin/agent_links.pl?login=[XSS] /cgi-bin/agent_links.pl?login=r0t&logged=[XSS] /cgi-bin/agent_links.pl?login=r0t&logged=&camp_id=[XSS] /cgi-bin/agent_links.pl?login=r0t&logged=&camp_id=0&sub=&banner=[XSS] /cgi-bin/agent_links.pl?login=r0t&logged=&camp_id=0&sub=&banner='0'&move=1&submitted=1&offset=[XSS]

References:

Vendor URL: http://www.leadhoundnetwork.com/ Secunia Advisory ID:19867 Related OSVDB ID: 25037 Related OSVDB ID: 25040 Related OSVDB ID: 25041 Related OSVDB ID: 25042 Related OSVDB ID: 25044 Related OSVDB ID: 25023 Related OSVDB ID: 25038 Related OSVDB ID: 25043 Related OSVDB ID: 25046 Related OSVDB ID: 25047 Related OSVDB ID: 25049 Related OSVDB ID: 25060 Related OSVDB ID: 25031 Related OSVDB ID: 25032 Related OSVDB ID: 25036 Related OSVDB ID: 25045 Related OSVDB ID: 25048 Related OSVDB ID: 25030 Related OSVDB ID: 25033 Related OSVDB ID: 25034 Related OSVDB ID: 25035 Other Advisory URL: http://pridels.blogspot.com/2006/04/leadhound-multiple-vuln.html Mail List Post: http://attrition.org/pipermail/vim/2006-April/000728.html CVE-2006-2063