[27241] in bugtraq
XSS bug in Compaq Insight Manager Http server
daemon@ATHENA.MIT.EDU (Taylor Huff)
Tue Oct 1 17:59:27 2002
Message-ID: <3D99BAA0.9030606@raytheon.com>
Date: Tue, 01 Oct 2002 11:09:20 -0400
From: Taylor Huff <thuff@raytheon.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Advisory name: XSS bug in Compaq Insight Manager Http server
Application: Compaq Insight Manager Http server
Date: 01.10.2002
Impact: XSS code execution
[DESCRIPTION]
XSS bug in Compaq Insight Manager Http server
[ISSUE]
The Compaq Insight Manager Http server is vulnerable to the Cross Site
Scripting (XSS) vulnerability. This vulnerability is caused by the
results returned to a user when a non-existing file is requested. The
vulnerability would allow an attacker to make the server present another
user with malicious JavaScript/HTML code that is interpreted and
executed without the users knowledge (e.g. the result contains the
JavaScript provided in the request). This vulnerability was identified
with a popular open-source vulnerability assessment tool and confirmed
using the following XSS test.
[XSS TEST]
http://<Server IP>:2301/<script>alert('Test')</script>
[VERSIONS TESTED]
CompaqHTTPServer/4.2
CompaqHTTPServer/4.37
[SUPPORTING INFO]
http://www.cert.org/advisories/CA-2000-02.html
[VENDOR RESPONSE]
There is a 3rd party software tool that can be used for security
assessments that flags any web server as potentially having this
problem. Our web servers do not, to our knowledge, have this
vulnerability. We have investigated it but it is a non-issue for us.
This issue is just a 'potential vulnerability' rather than a 'for sure'
problem. In other words, the tool is guessing that all web servers can
have this problem.
Thank You,
HP E-Services
