Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMoritz-naumann.comPACKETSTORM:41441
HistoryNov 10, 2005 - 12:00 a.m.

0004.txt

2005-11-1000:00:00
moritz-naumann.com
packetstormsecurity.com
38

0.013 Low

EPSS

Percentile

86.0%

JSON
`-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
  
  
SA0004  
  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
+++++ Antville 1.1 Cross Site Scripting +++++  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
  
PUBLISHED ON  
Nov 09, 2005  
  
  
PUBLISHED AT  
http://moritz-naumann.com/adv/0004/antvxss/0004.txt  
http://moritz-naumann.com/adv/0004/antvxss/0004.txt.sig  
  
  
PUBLISHED BY  
Moritz Naumann IT Consulting & Services  
Hamburg, Germany  
http://moritz-naumann.com/  
  
info AT moritz HYPHON naumann D0T com  
GPG key: http://moritz-naumann.com/keys/0x277F060C.asc  
  
  
AFFECTED APPLICATION OR SERVICE  
Antville  
http://www.antville.org/  
  
  
AFFECTED VERSION  
Version 1.1  
Possibly versions 1.0 and lower (untested)  
  
  
BACKGROUND  
Everybody knows XSS.  
http://en.wikipedia.org/wiki/XSS  
http://www.cgisecurity.net/articles/xss-faq.shtml  
  
  
ISSUE  
A XSS vulnerability has been detected in Antville. The  
problem is caused by insufficient input sanitation.  
  
By making a victim visit a specially crafted URL, it is  
possible to inject client side scripting (such as  
Javascript) and HTML which will be executed/rendered in  
her browser.  
  
The following URL demonstrates this issue:  
[antville_basepath]/project/<script>alert('XSS');</script>  
  
This may not be easily exploitable for cookie/session  
stealing attacks due to the IP address lock on the session.  
  
  
WORKAROUND  
Client: Disable Javascript.  
Server: Prevent access to the Antville installation.  
  
  
SOLUTIONS  
There does not seem to be a patch available. Our attempts  
to contact the developers were unsuccessful.  
  
  
TIMELINE  
Sep 19, 2005 Discovery  
Sep 19, 2005 Code maintainer notification  
Sep 29, 2005 Another code maintainer notification  
Nov 09, 2005 Public disclosure  
  
  
REFERENCES  
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3530  
  
  
ADDITIONAL CREDIT  
N/A  
  
  
LICENSE  
Creative Commons Attribution-ShareAlike License Germany  
http://creativecommons.org/licenses/by-sa/2.0/de/  
  
  
  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1.4.1 (GNU/Linux)  
  
iD8DBQFDcikon6GkvSd/BgwRAvgIAJ9T6KB39w9Hk3OcJ56I+F6lLRoKWACfTR2c  
dz7aukUAwcxTA5/q12mWrsA=  
=QLOX  
-----END PGP SIGNATURE-----  
`

Related

securityvulns 1
cve 2
cvelist 1
nvd 2
securityvulns
securityvulns
Antville 1.1 Cross Site Scripting
2005-11-10 00:00:00
cve
cve
CVE-2005-3530
2005-11-20 22:03:00
CVE-2005-3637
2005-11-16 21:22:00
cvelist
cvelist
CVE-2005-3530
2005-11-20 22:00:00
nvd
nvd
CVE-2005-3530
2005-11-20 22:03:00
CVE-2005-3637
2005-11-16 21:22:00

0.013 Low

EPSS

Percentile

86.0%

JSON
Related for PACKETSTORM:41441
securityvulns1cve2cvelist1nvd2