IntraLearn 2.1 Multiple Vulnerabilities

2009-09-02 / 2009-09-03
Credit: Jericho
Risk: Medium
Local: No
Remote: Yes

IntraLearn 2.1 Multiple Vulnerabilities http://www.intralearn.com/ 1) Cross-site Scripting (XSS) URL Variables /library/description_link.cfm outline, course /library/courses_catalog.cfm records_to_display, the_start 2) Login Information Cached In Memory The login POST requests for the IntraLearn returns a 200 OK HTTP response code. As long as the browser window is not closed, it is possible for someone to use the browsers "Back" button until the page after the login page is reached. At this point, the browser will prompt the user to re-post the data to the server. This data, the username and password, is pulled from memory and resubmitted to the server. The user will then be authenticated to the IntraLearn application. 3) IntraLearn Physical Path Disclosure Several pages of the IntraLearn web application disclose the physical path of the software installation. By making a direct request to one of several pages, the application wll cause an error message that discloses the information. /help/1/Instructor/Knowledge_Impact_Course.htm /help/1/Instructor/LRN-formatted_Course.htm /help/1/Instructor/Create_Course.htm 2008-02-17 support@intralearn.com contacted 2008-02-21 reply from P.D. @intralearn received; 2.1 is outdated, up to 4.2.3 or 5.1 (soon) to fix 2008-03-15 disclosed Jericho attrition.org

Referencje:

http://osvdb.org/ref/42/intralearn-21-multiple.txt
http://osvdb.org/42989
http://osvdb.org/42988


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top