Top Ten Web Application Vulnerabilities 1/31/2011 - 2/21/2011

1) IBM Lotus Domino iCalendar Meeting Request Parsing Remote Stack Buffer Overflow Vulnerability

IBM Lotus Domino is susceptible to a remote stack buffer overflow because the application fails to properly validate user-supplied input. Successful exploitation can give an attacker the means to execute arbitrary code with SYSTEM-level privileges, possibly leading to a complete compromise of the affected computer. Failed attempts will likely lead to a denial-of-service condition. As of this writing, a fix has not yet been released. Contact the vendor for further details.

http://www.securityfocus.com/bid/46232

 

2) HP OpenView Performance Insight Server 'doPost()' Remote Arbitrary Code Execution Vulnerability

HP OpenView Performance Insight Server is susceptible to a remote code execution vulnerability. If successfully exploited, an attacker can execute arbitrary code with SYSTEM-level privileges and completely compromise the vulnerable system. Updates which resolve this issue are available. Contact the vendor for additional information.

http://www.securityfocus.com/bid/46079

 

3) Xerox WorkCentre Webserver Unspecified Remote Command Execution Vulnerability

Xerox WorkCentre is susceptible to a remote command execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this vulnerability to execute arbitrary commands with the privileges of the web server. Updates which resolve this vulnerability are available. Contact the vendor for further details.

http://www.securityfocus.com/bid/46160

 

4) Ruby on Rails Multiple Vulnerabilities

Ruby on Rails is susceptible to multiple vulnerabilities including Cross-Site Scripting, Cross-Site Request Forgery, SQL Injection, and HTTP Header Injection. Cross-Site Scripting can be exploited to execute script code in the browser of an unsuspecting user and steal cookie-based authentication credentials. SQL Injection can give an attacker full access to a backend database, and in certain circumstances can be utilized to take complete control of a system. Cross-Site Request Forgery relies on the victim's browser to retrieve and execute the attack: a link or script in an attacker-controlled page connects to a site the user is logged in to or has recently used, and the browser then conducts seemingly authorized yet malicious actions on the user's behalf. HTTP Header Injection can be used to insert arbitrary data into the affected HTTP header field, possibly leading to HTML Injection, Cross-Site Request Forgery, Cross-Site Scripting, and other attacks. Updates which resolve these vulnerabilities are available. Contact the vendor for further information.

http://www.securityfocus.com/bid/46291
http://www.securityfocus.com/bid/46292
http://www.securityfocus.com/bid/46423

 

5) Adobe ColdFusion Multiple Vulnerabilities

Adobe ColdFusion is susceptible to multiple vulnerabilities including Cross-Site Scripting, session fixation, and CRLF Injection. If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. Through session fixation, victims who are enticed into visiting a malicious URI can have their session hijacked, giving an attacker unauthorized access to the application. CRLF Injection can be used to add arbitrary headers to a web response, possibly leading to more damaging attacks. Updates which resolve these vulnerabilities are available. Contact the vendor for more details.

http://www.securityfocus.com/bid/46277
http://www.securityfocus.com/bid/46278
http://www.securityfocus.com/bid/46281
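The HTTP Header Injection and CRLF Injection named in entries 4 and 5 come down to one defect: a response header built from a value that can contain a line break. The following Python is an added example, not code from the original post or from any of the vendors listed. It builds a redirect the vulnerable way beside a hardened version that rejects CR/LF, and parses the resulting header block so the smuggled header is visible. The inputs, including the `X-Injected` header name, are constructed for the example; the value is assumed to have already been URL-decoded by the web framework, as is normal for query parameters.

```python
"""CRLF / HTTP header injection: vulnerable pattern beside the hardened one.

Added example, not the vendors' code. A header value is only safe if it can
never contain a line break: a bare CR or LF lets user input terminate the
current header line and start another one (or the body).
"""
from __future__ import annotations

import re
from typing import List, Tuple

# Characters that terminate a header line in HTTP/1.x.
_LINEBREAK = re.compile(r"[\r\n]")


class HeaderInjectionError(ValueError):
    """Raised when a header value would smuggle in extra header lines."""


def build_redirect_unsafe(target: str) -> str:
    """Vulnerable: raw user input is interpolated into the header block."""
    return f"HTTP/1.1 302 Found\r\nLocation: {target}\r\n\r\n"


def safe_header_value(value: str) -> str:
    """Reject any value containing CR or LF before it reaches a header.

    The value is assumed to be already URL-decoded (the framework normally
    does this), so a literal CR/LF here would go onto the wire as-is.
    """
    if _LINEBREAK.search(value):
        raise HeaderInjectionError("line break in header value")
    return value


def build_redirect_safe(target: str) -> str:
    """Hardened: the same redirect, but the value is validated first."""
    return f"HTTP/1.1 302 Found\r\nLocation: {safe_header_value(target)}\r\n\r\n"


def parse_headers(raw: str) -> List[Tuple[str, str]]:
    """Split a raw HTTP/1.x response into (name, value) header pairs.

    Used here to show what a client would actually see: the unsafe builder
    yields an extra header that the application never meant to send.
    """
    head, _, _body = raw.partition("\r\n\r\n")
    pairs: List[Tuple[str, str]] = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        pairs.append((name.strip(), value.strip()))
    return pairs


# Constructed sample inputs: a benign redirect target and a CRLF payload
# that tries to append a second header to the response.
BENIGN = "/account"
MALICIOUS = "/account\r\nX-Injected: yes"  # constructed for the example


def demo() -> Tuple[List[Tuple[str, str]], bool]:
    """Return (headers emitted by the unsafe builder, whether the safe one blocked it)."""
    leaked = parse_headers(build_redirect_unsafe(MALICIOUS))
    try:
        build_redirect_safe(MALICIOUS)
        blocked = False
    except HeaderInjectionError:
        blocked = True
    return leaked, blocked


if __name__ == "__main__":
    leaked, blocked = demo()
    print("unsafe builder emitted:", leaked)
    print("safe builder rejected the payload:", blocked)
```

The same check belongs on every header a request can influence (Location, Set-Cookie, Content-Disposition); most modern frameworks already reject CR/LF in header values, so the practical question for the products above is whether the affected code path bypasses the framework's header API and writes to the response directly.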

 

6) Hitachi Tuning Manager Unspecified Cross-Site Scripting Vulnerability

Hitachi Tuning Manager is susceptible to a Cross-Site Scripting vulnerability. Arbitrary script code can be executed in context of the affected site in the browsers of unsuspecting users if this vulnerability is successfully exploited. Updates which resolve this vulnerability are available. Contact the vendor for further details.

http://www.securityfocus.com/bid/46175

 

7) IBM Rational Build Forge 'fullcontrol/' Cross-Site Scripting Vulnerability

IBM Rational Build Forge is susceptible to a Cross-Site Scripting vulnerability. An attacker can leverage Cross-Site Scripting to execute script code in the browsers of unsuspecting users in context of the affected application, possibly leading to theft of authentication credentials and other attacks. Updates which resolve this vulnerability are available. Contact the vendor for additional information.

http://www.securityfocus.com/bid/46125

 

8) Apache Tomcat HTML Manager Interface HTML Injection Vulnerability

Apache Tomcat is susceptible to an HTML Injection vulnerability. HTML Injection inserts attacker-supplied content into a web server's response, which can then be used to steal cookie-based authentication credentials, execute arbitrary script code in context of the site, or simply alter how the site appears. Updates which resolve this vulnerability are available. Contact the vendor for further details.

http://www.securityfocus.com/bid/46174

 

9) IBM Rational Team Concert 'Report Name' Field HTML Injection Vulnerability

IBM Rational Team Concert is susceptible to an HTML Injection vulnerability. This can be leveraged by an attacker to retrieve cookie-based authentication information, deface the site, or execute arbitrary code in context of the site. Updates which resolve this vulnerability are available. Contact the vendor for more details.

http://www.securityfocus.com/bid/46179

 

10) Bugzilla Multiple Vulnerabilities

Bugzilla is susceptible to multiple vulnerabilities including several instances of Cross-Site Scripting and Cross-Site Request Forgery. Cross-Site Scripting can be exploited to execute script code in the browser of an unsuspecting user and steal cookie-based authentication credentials. Cross-Site Request Forgery leverages the trust a web application places in a user's browser to make authenticated requests to a site the user is logged in to, and can be used to abuse any type of functionality the target web application contains. Updates which resolve these vulnerabilities are available. Contact the vendor for further information.

http://www.securityfocus.com/bid/45982

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation