Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Astaro Security Gateway v8.1 - Input Validation Vulnerability
From: Ferenc Kovacs <tyra3l () gmail com>
Date: Tue, 10 Jan 2012 13:24:27 +0100

On Mon, Jan 9, 2012 at 3:15 PM, Markus Hennig <Markus.Hennig () sophos com>wrote:

Hi all,

Astaro hereby confirms the described vulnerability.

In spite of the text below it is not remote exploitable, but needs a valid
administration account to access the web configuration interface called
"WebAdmin".


if it is an XSS attack, then why would the attacker need an account to
exploit it?


Within WebAdmin a privilege escalation is the worst case scenario which
can happen. The user with higher privileges has to open a preview window of
a XSS manipulated object.


yeah, if the malicious person can bait a logged in user to visit the
prepared url, that would allow the attacker to create an account.



Because every  access and all object modifications are logged with
username and IP and because the issue is not remote exploitable we will fix
it within the regular Up2Date schedule with release of version 8.301.


uhm, I don't see why would a proper logging mitigate the fact that the
system is compromised.
but it is a good thing that you are fixing it.


-- 
Ferenc Kovács
@Tyr43l - http://tyrael.hu
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]