[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] RE: Hobbit Security (Cross-Site Scripting)

To: hobbit (at) hswn.dk
Subject: Re: [hobbit] RE: Hobbit Security (Cross-Site Scripting)
From: Stewart L <stewartl42 (at) gmail.com>
Date: Fri, 19 Jun 2009 13:07:00 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=AugD44gsDgyD3p6b3BQVD/hKoNAXOK+4aqeTWAxdDHg=; b=vtVkszVhZvR6+2QRDOtx6OFoaErCkE90De01tXHCr2gCQ0HPG5rj9Wx0l6q95g/8La yAPAVQ6q4Xsj4c7bZ3U40H60zWneABUrPTf7yg1X39BGHCxrQNElKaVWJvOYYet1KnN1 D5Y4yFkNQL+XwLZWfJomSDbs8JrglHS5sOAo4=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=fu5nQq8D2PZj6/uUZIR4Iz+wKIApg8RfZhGaQ2PQAhir0OQTdL8i8MHvuTJm0L4sj4 HHFdTZjRUTO/Fk8ElGOhbxwvU4Spe0PbDQO634IsGDaXEYv3ZOJ2gHfXjh+W5KIoEGqN AhOU7dbSFqVjnkqK/7EutCJOHP5WI3vAn2M2M=
References: <-8133375572309883644 (at) unknownmsgid> <1d23acab0906190720i50cf5e1ay57fcd8dede10e5af (at) mail.gmail.com> <3603650137414679932 (at) unknownmsgid> <1d23acab0906190818n7696aee5vf60444713285c5a9 (at) mail.gmail.com>

I found a bunch of the same stuff (and more).  Looks like most of it is
duplicates on the same pages/attributes.

For Example, on hobbit-enadis.sh,  ippattern is not validated.  This shows
up for me as multiple issues, but it's one root cause.

What you have to decide is how much of a risk does this really pose.

Any of the pages that allow you to change anything should be password
protected and only trusted users should be able to access.  There is not a
SQL server behind the thing, so who cares about SQL injection.  They are not
going to delete your data.

Stewart

On Fri, Jun 19, 2009 at 11:18 AM, Stewart L <stewartl42 (at) gmail.com> wrote:

> It's usually a bit more complicated that just quoting the user input.   I'm
> actually scanning a fresh install with IBM Appscan Enterprise when you
> mentioned it... :)
>
>
>
> On Fri, Jun 19, 2009 at 11:09 AM, David Cecchino <
> david.cecchino (at) datacure.com> wrote:
>
>>  HP Webinspect scans of xymon show it is vulnerable to XSS , is there  a
>> way of putting quotes around the url variables/strings?
>>
>>
>>
>>
>>
>
>
>
>  --
> Stewart
> --
> An infinite number of mathematicians walk into a bar. The first one orders
> a beer. The second orders half a beer. The third, a quarter of a beer. The
> bartender says "You're all idiots", and pours two beers.
>

-- 
Stewart
--
An infinite number of mathematicians walk into a bar. The first one orders a
beer. The second orders half a beer. The third, a quarter of a beer. The
bartender says "You're all idiots", and pours two beers.

References:
- Re: [hobbit] RE: Hobbit Security (Cross-Site Scripting)
  - From: Stewart L
- Re: [hobbit] RE: Hobbit Security (Cross-Site Scripting)
  - From: Stewart L

Prev by Date: RE: [hobbit] Disk Ignore - easy
Next by Date: Problem with hobbit 4.2.0 on Solaris 10 with ZFS enabled
Previous by thread: Re: [hobbit] RE: Hobbit Security (Cross-Site Scripting)
Next by thread: Disk Ignore - easy
Index(es):
- Date
- Thread