Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability

2007.10.20
Credit: Tamer Sahin
Risk: Low
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 - --[ Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability ]-- - --[ Type Information Leakage - --[ Release Date March 17, 2003 - --[ Product / Vendor NetCharts XBRL Server 4.0 is a data visualization service that generates charts and graphs, tables, and reports. It can be used alone or in conjunction with any web infrastructure from the simplest CGI scripts to the most sophisticated Enterprise Application Server. Any data source? - Oracle - Sybase - Any JDBC - Any ODBC: Excel, Access, SQL Server - Legacy systems - XBRL - XML - ?and others Anyhow, anywhere? - TIFF, BMP, JPEG - Java Applets - Flash, PDF, HTML pages - J2EE - COM / ASP / .NET - Cold Fusion - ?and more http://www.visualmining.com - --[ Summary A client may connect to the target machine and deliver several requests with an invalid chunked encoded body. The potential for information leakage is great but the risk is mitigated somewhat by the unpredictability of the query-response desynchronisation. Depending on the target site this may be somewhat exploitable by a malicious user to redirect other users to a specific response by saturating the communcation channels with a desired response. ==================== SNIP ==================== GET /index.jsp HTTP/1.1 Host: victim.com Transfer-Encoding: Chunked 53636f7474 ==================== SNIP ==================== Related: Recently disclosured advisory: http://online.securityfocus.com/bid/6320 - --[ Tested Netcharts XBRL Server v4.0.0 for Windows 2000 - --[ Vulnerable Netcharts XBRL Server v4.0.0 for Windows 2000 - --[ Disclaimer http://www.securityoffice.net is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory. - --[ Author Tamer Sahin ts (at) securityoffice (dot) net [email concealed] http://www.securityoffice.net All our advisories can be viewed at http://www.securityoffice.net/articles/ Please send suggestions, updates, and comments to feedback (at) securityoffice (dot) net [email concealed] (c) 2002 SecurityOffice This Security Advisory may be reproduced and distributed, provided that this Security Advisory is not modified in any way and is attributed to SecurityOffice and provided that such reproduction and distribution is performed for non-commercial purposes. Tamer Sahin http://www.securityoffice.net -----BEGIN PGP SIGNATURE----- Version: 2.6 iQEVAwUAPnXY7fpL5ibJRTtBAQGXHAf/aFEOVrmg+j6Jv9gLKjagsKaoxU+BvVLq 2pQ70Am/UaPTQizUmHGaLKY0X+VsZD256HLqXnmtk9QFcTXh+aZVJxIW+T8M1FFj NgKNTVqECC8NnXiBVpo2SNJZEX77ufgBvOohAXuaI5mtZ6YuzRt8NpcC0+2phMOS bXRgfGZCNXCtzvNoKjL1miEiJHnwDuNRHP4ISTKhVRSOPZhVDatYnY/QoKWUvwAu n7O5WoW5tWLmVTcTdmcxa+qXVjbei+IdYIay7xFJvzwJz86/G0aD9ERrn9oVcdQw 1hG2oZkqWMJZyvnQhtlWWIr5GCjTSgIVzvc83UtSsN9Cr5IRw2hBbw== =5zfY -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top