Nokia Electronic Documentation Connection Redirection

2003-09-15T00:00:00
ID OSVDB:3485
Type osvdb
Reporter OSVDB
Modified 2003-09-15T00:00:00

Description

Vulnerability Description

Nokia Electronic Documentation contains a flaw that allows a remote attacker to use the system as an open proxy. The issue is due to the NED utility allowing arbitrary web sites as valid arguments to the retrieve&location variable. Attackers using this may be able to gain access to additional internal web sites due to trust relationships.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Nokia Electronic Documentation contains a flaw that allows a remote attacker to use the system as an open proxy. The issue is due to the NED utility allowing arbitrary web sites as valid arguments to the retrieve&location variable. Attackers using this may be able to gain access to additional internal web sites due to trust relationships.

Manual Testing Notes

http://[victim]/docs/NED?action=retrieve&location=http://target2/

References:

Secunia Advisory ID:9740 Other Advisory URL: http://www.atstake.com/research/advisories/2003/a091503-1.txt ISS X-Force ID: 13189 CVE-2003-0803 Bugtraq ID: 8625