Main Menu
Network
Sponsor
Top 10 Sites
Partners
|
|
Top Submit newsSubscribe 
Communication | Computer Crime | Digital Audio, Video, Photo | General News | Hardware | Internet | Mobile | PDA | Security | Software | Vulnerability |
Previous articleBack to news listNext article
| Sponsored links | Want to become one of our authors and see your work published on ALLSeek.iNFO ?
| | NETGEAR FVS318 Lets Remote Users Bypass the URL Filter and Conduct Cross-Site Scripting Attacks Against Administrators |
|---|
Categorie: Vulnerability
Posted: 2005-01-18 by ReCall
Views: 435
Source: Click here
| Current Rating: Not rated
|
| | Details |
|---|
Description: Paul Kurczaba from SecuriNews Research reported some vulnerabilities in the NETGEAR FVS318 router. A remote user can bypass the URL filter. A remote user can also conduct cross-site scripting attacks.
The Security Log does not properly filter HTML code from user-supplied URLs when logging blocked URLs. A remote user can supply a specially crafted URL containing a string that will be blocked by the router and also containing scripting code. Then, when the target administrator views the Security Log, arbitrary scripting code will be executed by the target administrator's browser. The code will originate from the router running the vulnerable software and will run in the security context of that router. As a result, the code will be able to access the target administrator's cookies (including authentication cookies), if any, associated with the router, access data recently submitted by the target administrator via web form to the router, or take actions on the router acting as the target administrator.
A demonstration exploit URL is provided [where 'somefile.exe' or '.exe' is a string to be blocked by the URL filter]:
http://[target]/somefile.exe</textarea><script>alert('XSS')</script>
A remote user can use Hex encoded characters in a URL to bypass the URL filter.
The original advisory is available at:
http://www.securinews.com/vuln.htm?vulnid=103
Impact: A remote user can access the target administrator's cookies (including authentication cookies), if any, associated with the router running the vulnerable software, access data recently submitted by the target administrator via web form to the router, or take actions on the router acting as the target administrator.
Solution: No solution was available at the time of this entry.
| | Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1300
| | User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
| Previous articleBack to news listNext article
|
|
|
|
InterJOB.su
|
