SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Highwall Enterprise Vendors:   Highwall Technologies
Highwall Enterprise Input Validation Hole Permits Cross-Site Scripting Attacks and Input Validation Flaw Lets Remote Users Inject SQL Commands
SecurityTracker Alert ID:  1017091
SecurityTracker URL:  http://securitytracker.com/id/1017091
CVE Reference:   CVE-2006-5408, CVE-2006-5409   (Links to External Site)
Updated:  Jun 3 2008
Original Entry Date:  Oct 19 2006
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network

Version(s): 4.0.2.11045
Description:   A vulnerability was reported in Highwall Enterprise. A remote user can conduct cross-site scripting attacks. A remote user can inject SQL commands.

The management interface does not properly filter HTML code from user-supplied input before displaying the input. A remote user can ccause arbitrary scripting code to be executed by the target administrative user's browser. The code will originate from the site running the Highwall Enterprise software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote authenticated administrator can supply a specially crafted parameter value to execute SQL commands on the underlying database.

The vendor was notified on September 8, 2006.

Positive Technologies reported this vulnerability.

Impact:   A remote user can access the target administrative user's cookies (including authentication cookies), if any, associated with the site running the Highwall Enterprise software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote authenticated administrator can execute SQL commands on the underlying database.

Solution:   No solution was available at the time of this entry.
Vendor URL:  www.highwalltech.com/products.cfm?page=hwent (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents

Subject:  [Full-disclosure] Multiple vulnerabilities in Highwall Enterprise

Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint 
4.0.2.11045 management interface


SUMMARY

Highwall Enterprise and Highwall Endpoint wireless IDS management interface 
contain multiple vulnerabilities which can lead to privilege escalation and 
code execution.

DETAILS

Web interface of Highwall Enterprise and Highwall Endpoint don't properly 
screens characters in user supplied input. This can lead to Multiple 
Cross-Site Scripting and SQL Injection conditions. Vulnerabilities can be 
exploited by malicious system operator to escalate privileges or run code on 
his choice in context of Microsoft SQL Server back-end database. Also these 
vulnerabilities possible can be exploited by external attacker by using 
Access Point with special created SSID to bypass security restrictions or 
escalate privileges.

DISCLOSURE TIMELINE

8 September 2006 - Initial vendor contact, no response received.
September 2006 - Initial vendor contact, no response received.
18 October 2006 - Public disclosure 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC