CERT-MU :Advisories

Home | Search | FAQ | Site Map | Contact Us

|| Hotline : 800 2378 || To contact CERT-MU send e-mail on --> info[at]cert-mu.gov.mu || To report incident e-mail on --> incident[at]cert-mu.gov.mu || To report Vulnerabilities send e-mail on --> Vulnerability[at]cert-mu.gov.mu ||

Charter & Mission

CERT-MU Services

Constituency

Authority

Incident Reporting

Vulnerability Reporting

Incident Statistics Forms

Vol. 2, Feb 2012

Vol. 1, Oct 2011

World CERTs

Security Sites

Security Tools

Antivirus Resources

Email Abuse

Network Abuse

Anti-Spam Initiative

Cyber Security Portal

Safer Internet Day

Computer Security Day

National Computer Board

Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University

CERT-MU AD-2008-11

Cross-Site Scripting Vulnerability in the Sun Java System Web Server Advanced Search Mechanism

Original Issue Date: 23 rd May 2008

Overview

Cross Site Scripting vulnerability has been reported in Sun Java System Web Server Advanced Search Mechanism, which could allow the execution of arbitrary scripts in the context of the site that uses the affected functionality.

Description

This issue is caused by Input Validation Errors in the Advanced Search Mechanism (webapps/search/advanced.jsp) of Sun Java System Web Server when processing the user-supplied data. This vulnerability can be exploited by tricking a user into clicking on a specially crafted URL.

Successfully exploiting this issue allows the execution of arbitrary scripts which could help the attacker to steal cookie-based authentication credentials or access the data recently submitted by the target user via web form to the web site.

Affected systems

SPARC Platform

Sun Java System Web Server 6.1 without Service Pack 9
Sun Java System Web Server 6.1 without patch 116648-21
Sun Java System Web Server 7.0
Sun Java System Web Server 7.0 Update 1 and Update 2

x86 Platform

Sun Java System Web Server 6.1 without Service Pack 9
Sun Java System Web Server 6.1 without patch 11649-21
Sun Java System Web Server 7.0
Sun Java System Web Server 7.0 Update 1 and Update 2

Linux

Sun Java System Web Server 6.1 without Service Pack 9
Sun Java System Web Server 6.1 without patch 118202-13
Sun Java System Web Server 7.0
Sun Java System Web Server 7.0 Update 1 and Update 2

Windows

Sun Java System Web Server 6.1 without Service Pack 9
Sun Java System Web Server 6.1 without patch 121524-05
Sun Java System Web Server 7.0
Sun Java System Web Server 7.0 Update 1 and Update 2

HP-UX

Sun Java System Web Server 6.1 without Service Pack 9
Sun Java System Web Server 6.1 without patch 121510-05
Sun Java System Web Server 7.0
Sun Java System Web Server 7.0 Update 1 and Update 2

AIX

Sun Java System Web Server 6.1 without Service Pack 9

impact

A Cross-Site Scripting ( CSS or XSS) vulnerability in the Sun Java System Web Server's advanced search mechanism may may allow an unprivileged remote user the ability to execute arbitrary JavaScript commands in a client user's web browser. This may allow the remote user to steal cookie information, hijack sessions, or cause a loss of data privacy.

Workarounds

The following file can be edited to workaround this issue:

<install root>/bin/https/webapps/search/advanced.jsp

by removing the following lines:

<input type=hidden name="next" value="<%=rquest.getParameter("next")%>">
"out.println(s);"

Solutions

Refer for http://sunsolve.sun.com/search/document.do?assetkey=1-66-236481-1 for details of updates available.

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Vendor Information

Sun Microsystems

CVE-Name