| Field | Value |
|---|---|
| VID | 23067 |
| Severity | 30 |
| Port | 6680 |
| Protocol | TCP |
| Class | LDAP |
| Detailed Description | The SurgeLDAP server is vulnerable to a cross-site scripting (XSS) vulnerability. SurgeLDAP is a Lightweight Directory Access Protocol (LDAP) v3 server for Microsoft Windows and Linux-based operating systems. SurgeLDAP versions 1.0d and prior are vulnerable to cross-site scripting caused by improper filtering of user-supplied input in the CGI scripts, such as `user.cgi`. By sending an HTTP request containing malicious HTML or JavaScript to this CGI script, a remote attacker could have it executed in the target's web browser within the security context of the hosting site. An attacker could use this vulnerability to steal the target's cookie-based authentication credentials. Example request: `http://[host]:6680/user.cgi?cmd=<script>alert('XSS')</script>&utoken=` |
| References | http://www.securiteam.com/windowsntfocus/5RP0I0UAUI.html |
| Platforms Affected | NetWin SurgeLDAP version 1.0d and prior; Linux (any version); Windows (any version) |
| Recommendation | Upgrade to version 1.0e or later of SurgeLDAP from the SurgeLDAP Web site: http://netwinsite.com/SurgeLDAP/ . The latest version (v1.0g) was released in December 2003. |
| Related URL | (CVE) |
| Related URL | 8407 (SecurityFocus) |
| Related URL | 12901 (ISS) |