SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Game)  >   X-stat
Vendors:   Xqus.com
X-stat Log File Analysis Tool Has Multiple Vulnerabilities That Allow Remote Users to Obtain Information About the System and Conduct Cross-Site Scripting Attacks Against x-stat Administrators
SecurityTracker Alert ID:  1003827
SecurityTracker URL:  http://securitytracker.com/id/1003827
CVE Reference:   CVE-2002-2044, CVE-2002-2045   (Links to External Site)
Updated:  May 22 2008
Original Entry Date:  Mar 15 2002
Impact:   Disclosure of authentication information, Disclosure of system information, Execution of arbitrary code via network
Exploit Included:  Yes  
Version(s): 2.3 and prior versions
Description:   Several vulnerabilities have been reported in the 'x-stat' web server log file analysis tool. A remote user can conduct cross-site scripting attacks against x-stat administrators and can obtain information about the server, including the script's installation path and the output of phpinfo().

It is reported that the vulnerabilities reside in x_stat_admin.php.

A remote user can supply a non-existent function name in the 'action' parameter with the following type of URL; the resulting error returned by the server discloses the full installation path of the script:

x_stat_admin.php?action=[non-existent function]

A remote user can use the following type of URL to execute the phpinfo() function, causing the server to return various information, including the hostname, the operating system, the server software, the PHP configuration, and other potentially sensitive information:

x_stat_admin.php?action=phpinfo

A remote user can create a link (or HTML containing a link) whose URL carries malicious script; when the link is followed by a target (victim) administrator, arbitrary script executes in the victim's browser:

http://[targethost]/x_stat_admin.php?action=phpinfo&<script>[SCRIPT]</script>

This script runs in the security context (origin) of the site hosting x-stat and can read the target user's cookies for that site (if there are any), which is what makes the administrator's session the target.
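The three behaviours above (an unknown 'action' value leaking the install path, action=phpinfo running phpinfo(), and the request being reflected unescaped) are consistent with an admin script that calls whatever function name arrives in the 'action' parameter and echoes the request back verbatim. The PHP below is an added illustration for this entry, not x-stat's own source, which is not reproduced here: `dispatch_vulnerable` is an assumed reconstruction of that pattern, kept only for contrast, and `dispatch_hardened`, `allowed_actions`, `h`, the `stat_*` handlers and the sample request arrays are hypothetical names constructed for the example. It shows the allow-list dispatch, escaped output and error-display settings that close all three issues.

```php
<?php
declare(strict_types=1);

// Added example (not x-stat code). Defence in depth for the path disclosure:
// PHP fatal errors such as "Call to undefined function" include the full path
// of the script, so never send them to the client; log them instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// ASSUMED vulnerable pattern, reconstructed from the advisory's symptoms and
// kept only for contrast. It is never called in this file.
function dispatch_vulnerable(): void
{
    $action = $_GET['action'] ?? 'overview';
    // Executes any function the caller names: action=phpinfo runs phpinfo(),
    // and an unknown name produces a fatal error that leaks the install path.
    $action();
    // Reflecting the raw request URI is the cross-site scripting hole.
    echo '<p>Request: ' . $_SERVER['REQUEST_URI'] . '</p>';
}

// Hypothetical report handlers standing in for the real admin pages.
function stat_overview(): string { return '<h1>Overview</h1>'; }
function stat_referers(): string { return '<h1>Referers</h1>'; }

/** The only action names a request may reach, each bound to a fixed handler. */
function allowed_actions(): array
{
    return [
        'overview' => 'stat_overview',
        'referers' => 'stat_referers',
    ];
}

/** HTML-escape a value before placing it in the page body. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Hardened dispatcher. $get and $server are passed in (instead of reading the
 * superglobals) so the function can be exercised from the command line.
 */
function dispatch_hardened(array $get, array $server): string
{
    $actions = allowed_actions();
    $action = $get['action'] ?? 'overview';

    // Unknown or non-string actions get a generic, escaped response: no
    // function is looked up by name, so phpinfo() and friends are unreachable
    // and no PHP error (with its path) is ever triggered.
    if (!is_string($action) || !isset($actions[$action])) {
        http_response_code(400);
        $shown = is_string($action) ? $action : '(invalid)';
        return '<p>Unknown action: ' . h($shown) . '</p>';
    }

    $body = $actions[$action]();
    // Anything echoed from the request goes through h(), so a URL such as
    // x_stat_admin.php?action=phpinfo&<script>...</script> is shown as text.
    return $body . '<p>Request: ' . h($server['REQUEST_URI'] ?? '') . '</p>';
}

// Stand-alone demonstration with constructed requests (not real traffic).
if (PHP_SAPI === 'cli') {
    $probe = ['action' => 'phpinfo'];
    $uri = ['REQUEST_URI' => '/x_stat_admin.php?action=phpinfo&<script>alert(1)</script>'];
    echo dispatch_hardened($probe, $uri), PHP_EOL;
    echo dispatch_hardened(['action' => 'overview'], ['REQUEST_URI' => '/x_stat_admin.php?action=overview']), PHP_EOL;
}
```

The allow-list is the decisive change: user input selects an entry in a fixed map and is never used as a function name, so neither phpinfo() nor an undefined-function error can be reached, and the remaining reflection of request data is escaped before it enters the page.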

Impact:   A remote user can obtain potentially sensitive information about the x-stat server. A remote user can conduct cross-site scripting attacks against x-stat administrators to steal the administrator's cookies associated with the x-stat server.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.xqus.com/index.php?page=x_stat (Links to External Site)
Cause:   Exception handling error, Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
Underlying OS Comments:  PHP-based

Message History:   None.


 Source Message Contents

Subject:  X_holes




Products:
x_stat v2.3 and less
x_news v1.1

Website:
http://www.xqus.com/

Problems:
x_stat:
- Recovery of numerous data about the computer (phpinfo()).
- Cross Site Scripting
- Path disclosure

x_news:
- Access to the admin menu 

More details in French:
http://www.ifrance.com/kitetoua/tuto/x_holes.txt

Translated by Google:
http://translate.google.com/translate?u=http%3A%2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%2Fx_holes.txt&langpair=fr%7Cen&hl=en&prev=%2Flanguage_tools

frog-m@n



Copyright 2019, SecurityGlobal.net LLC