Andromeda v1.9.2 Mullti Vulnerability

ID 1337DAY-ID-11299
Type zdt
Reporter indoushka
Modified 2010-03-15T00:00:00


Exploit for unknown platform in category web applications

Andromeda v1.9.2 Mullti Vulnerability

| # Title    : Andromeda v1.9.2 Mullti Vulnerability           
| # Author   : indoushka  
| # Script   : powered by ZIKRENOOR.COM version v1.9.2 PHP. ©2010 SalamHosting.Com, ZIKRENOOR.COM.    
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0) + Lunix Fran?ais v.(9.4 Ubuntu)      
| # Bug      : Mullti   
======================      Exploit By indoushka       =================================
 # Exploit  :
 1- XSS :<img+src=>
 2- Cookie manipulation :
 Vulnerability description:
This script is vulnerable to Cookie manipulation attacks.
By injecting a custom HTTP header or by injecting a META tag, it is possible to alter the cookies stored in the browser. Attackers will normally manipulate cookie values to fraudulently authenticate themselves on a web site.
Affected items
Attack details:
The GET variable s has been set to <meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>.<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>
The impact of this vulnerability
By exploiting this vulnerability, an attacker may conduct a session fixation attack. In a session fixation attack, the attacker fixes the user's session ID before the user even logs into the target server, thereby eliminating the need to obtain the user's session ID afterwards.
How to fix this vulnerability:
You need to filter the output in order to prevent the injection of custom HTTP headers or META tags. Additionally, with each login the application should provide a new session ID to the user.

# [2016-04-19]  #