

   VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-72
Sun Java System Web Server Advanced Search Mechanism Cross Site Scripting Vulnerability

Original Issue Date: June 05, 2008

Severity Rating: Medium

System Affected

  • Sun Java System Web Server 6.1 before SP9
  • Sun Java System Web Server 7.0 before Update 3

on SPARC, x86, Linux, Windows, HP-UX, and AIX platforms.

Overview

A cross-site scripting vulnerability has been reported in the Advanced Search mechanism of Sun Java System Web Server. It could allow execution of arbitrary script in the context of any site that uses the affected functionality.

Description

This issue is caused by an input validation error in the Advanced Search mechanism (webapps/search/advanced.jsp) of Sun Java System Web Server: the user-supplied "next" request parameter is reflected into a hidden form field of the response without being encoded. The vulnerability can be exploited by tricking a user into clicking a specially crafted URL.

Successful exploitation allows execution of arbitrary script in the victim's browser, which could let the attacker steal cookie-based authentication credentials or read data the target user recently submitted to the site through a web form.
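To make the flaw concrete, the following is an added Java example, not code from Sun or CERT-In, that mimics what the advanced.jsp hidden input does with the "next" parameter and places it beside an HTML-attribute-encoding fix. The method names, the escaping helper and the payload are constructed for illustration; the JSP itself only contains the one-line expression quoted in the Workaround section.

```java
/*
 * Reflected XSS in a hidden form field: vulnerable rendering beside a
 * hardened one. Constructed example; not taken from the affected product.
 */
public class NextParamReflection {

    // Mirrors the JSP expression <%= request.getParameter("next") %>
    // inside value="...": the parameter is written into the attribute raw.
    static String renderVulnerable(String next) {
        return "<input type=hidden name=\"next\" value=\"" + next + "\">";
    }

    // Hardened form: the value is HTML-attribute-encoded before being written,
    // so a double quote or angle bracket can no longer terminate the attribute
    // or the tag. A missing parameter (null) renders as an empty value instead
    // of the literal string "null".
    static String renderHardened(String next) {
        return "<input type=\"hidden\" name=\"next\" value=\""
                + escapeHtmlAttribute(next) + "\">";
    }

    // Minimal encoder for the five characters that matter inside a quoted
    // HTML attribute. A real deployment would use the container's or a
    // library's encoder; this one is spelled out so the effect is visible.
    static String escapeHtmlAttribute(String s) {
        if (s == null) {
            return "";
        }
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed attacker-controlled value for the "next" parameter: it
        // closes the value attribute and the input tag, then injects script.
        String payload = "\"><script>alert(document.cookie)</script>";

        // Vulnerable output: the payload lands in the page as live markup.
        System.out.println(renderVulnerable(payload));

        // Hardened output: the payload survives only as inert attribute text.
        System.out.println(renderHardened(payload));

        // Edge case: parameter absent from the request.
        System.out.println(renderVulnerable(null));
        System.out.println(renderHardened(null));
    }
}
```

In the JSP this corresponds to writing the expression as `<%= escapeHtmlAttribute(request.getParameter("next")) %>` (with the helper available to the page), which is an illustrative fix rather than the vendor's patch; the supported remedy remains the update named under Solution.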

Workaround

  • Edit the <install dir>/bin/https/webapps/search/advanced.jsp file and remove the following lines:

    <input type=hidden name="next" value="<%=request.getParameter("next")%>">
    out.println(s);

Solution

Apply the appropriate updates as described in Sun Alert 236481:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-236481-1

Vendor Information

Sun Microsystems
http://sunsolve.sun.com/search/document.do?assetkey=1-66-236481-1

References

FrSIRT
http://www.frsirt.com/english/advisories/2008/1649

SecurityFocus
http://www.securityfocus.com/bid/29355/info

SecurityTracker
http://securitytracker.com/alerts/2008/May/1020110.html

Secunia
http://secunia.com/advisories/30381

X-Force
http://xforce.iss.net/xforce/xfdb/42624

CVE-Name
CVE-2008-2518

CWE-Name
CWE-79

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003