注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

Tetraph 的博客

IT 计算机网络信息安全技术 数学 统计 云计算 安全漏洞 日常随笔 散文 音乐

 
 
 

日志

 
 

【转载】Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities  

2015-05-09 15:13:45|  分类: 转载 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities - whitehat - 白帽子安全漏洞
 


Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities

 

Exploit Title: Feed2JS v1.7 magpie_debug.php? &url parameter XSS Security Vulnerabilities

Product: Feed2JS

Vendor: feed2js.org

Vulnerable Versions: v1.7

Tested Version: v1.7

Advisory Publication: May 09, 2015

Latest Update: May 09, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: *

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

Writer and Reporter: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

 

 

 

Proposition Details:

 

(1) Vendor & Product Description:

Vendor:

feed2js.org

 

Product & Vulnerable Versions:

Feed2JS

v1.7

 

Vendor URL & Download:

Feed2JS can be downloaded from here,

https://feed2js.org/index.php?s=download

 

Source code:

http://www.gnu.org/licenses/gpl.html

 

Product Introduction Overview:

"What is "Feed to JavaScript? An RSS Feed is a dynamically generated summary (in XML format) of information or news published on other web sites- so when the published RSS changes, your web site will be automatically changed too. It is a rather simple technology that allows you, the humble web page designer, to have this content displayed in your own web page, without having to know a lick about XML! Think of it as a box you define on your web page that is able to update itself, whenever the source of the information changes, your web page does too, without you having to do a single thing to it. This Feed2JS web site (new and improved!) provides you a free service that can do all the hard work for you-- in 3 easy steps:

Find the RSS source, the web address for the feed.

Use our simple tool to build the JavaScript command that will display it

Optionally style it up to look pretty.

Please keep in mind that feeds are cached on our site for 60 minutes, so if you add content to your RSS feed, the updates will take at least an hour to appear in any other web site using Feed2JS to display that feed. To run these scripts, you need a web server capable of running PHP which is rather widely available (and free). You will need to FTP files to your server, perhaps change permissions, and make some basic edits to configure it for your system. I give you the code, getting it to work is on your shoulders. I will try to help, but cannot always promise answers."

 

 

 

(2) Vulnerability Details:

Feed2JS web application has a computer security bug problem. It can be exploited by stored XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.

Several other Feed2JS products 0-day vulnerabilities have been found by some other bug hunter researchers before. Feed2JS has patched some of them. "Openwall software releases and other related files are also available from the Openwall file archive and its mirrors. You are encouraged to use the mirrors, but be sure to verify the signatures on software you download. The more experienced users and software developers may use our CVSweb server to browse through the source code for most pieces of Openwall software along with revision history information for each source file. We publish articles, make presentations, and offer professional services." Openwall has published suggestions, advisories, solutions details related to XSS vulnerabilities.

 

(2.1) The first programming code flaw occurs at "&url" parameter in "magpie_debug.php?" page.

 

 

 

 

References:

http://www.tetraph.com/security/xss-vulnerability/feed2js-v1-7-xss/

http://securityrelated.blogspot.com/2015/05/feed2js-v17-xss-cross-site-scripting.html

http://www.inzeed.com/kaleidoscope/computer-web-security/feed2js-v1-7-xss/

http://diebiyi.com/articles/%E5%AE%89%E5%85%A8/feed2js-v1-7-xss/

https://vulnerabilitypost.wordpress.com/2015/05/08/feed2js-v1-7-xss/

http://whitehatpost.blog.163.com/blog/static/24223205420154810359682/

https://progressive-comp.com/?l=full-disclosure&m=142907534026807&w=2

https://www.bugscan.net/#!/x/21291

http://bluereader.org/article/27452996

http://lists.openwall.net/full-disclosure/2015/04/15/4

  评论这张
 
阅读(3)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2017