给我一瓢长江水啊长江水
那酒一样的长江水
那醉酒的滋味是乡愁的滋味
给我一瓢长江水啊长江水

© 乡土情深
Powered by LOFTER

CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site

来自:whitehat


CVE-2014-8753  Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities - whitehat - 白帽子安全漏洞

 

CVE-2014-8753  Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities



Exploit Title: Cit-e-Net Multiple XSS (Cross-Site Scripting) Web Security Vulnerabilities

Product: Cit-e-Access

Vendor: Cit-e-Net

Vulnerable Versions: Version 6

Tested Version: Version 6

Advisory Publication: February 12, 2015

Latest Update: June 01, 2015

Vulnerability Type: Cross-Site Scripting [CWE-79]

CVE Reference: CVE-2014-8753

Impact CVSS Severity (version 2.0):

CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification

Discover and Author: Jing Wang [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)







Instruction Details:

(1) Vendor & Product Description:




Vendor:

Cit-e-Net


Product & Version: 

Cit-e-Access

Version 6


Vendor URL & Download: 

Cit-e-Net can be downloaded from here,

https://www.cit-e.net/citeadmin/help/cntrainingmanualhowto.pdf

http://demo.cit-e.net/

http://www.cit-e.net/demorequest.cfm

http://demo.cit-e.net/Cit-e-Access/ServReq/?TID=1&TPID=17




Product Introduction:

"We are a premier provider of Internet-based solutions encompassing web site development and modular interactive e-government applications which bring local government, residents and community businesses together.


Cit-e-Net provides a suite of on-line interactive services to counties, municipalities, and other government agencies, that they in turn can offer to their constituents. The municipal government achieves a greater degree of efficiency and timeliness in conducting the daily operations of government, while residents receive improved and easier access to city hall through the on-line access to government services.


Our web-based applications can help your municipality to acheive its e-government goals. Type & click website content-management empowers the municipality to manage the website quickly and easily. Web page styles & formats are customizable by the municipality, and because the foundation is a database application, user security can be set for individual personnel and module applications. Our application modules can either be integrated into your existing municipal web site or implemented as a complete web site solution. It's your choice! Please contact us at info@cit-e.net to view a demonstration of our municipal web site solution if you are an elected official or member of municipal management and your municipality is looking for a cost efficient method for enhancing & improving municipal services. 


Interactive Applications

Online Service Requests

Online Tax Payments by ACH electronic-check or credit card.

Online Utility Payments by  ACH electronic-check or credit card.

Online General-Payments by ACH electronic-check or credit card.

Submit Volunteer Resume's Online for the municipality to match your skills with available openings."






(2) Vulnerability Details:

Cit-e-Access web application has a security bug problem. It can be exploited by XSS attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.


Several similar products 0Day vulnerabilities have been found by some other bug hunter researchers before. Cit-i-Access has patched some of them. Open Sourced Vulnerability Database (OSVDB) is an independent and open-sourced database. The goal of the project is to provide accurate, detailed, current, and unbiased technical information on security vulnerabilities. The project promotes greater, open collaboration between companies and individuals. It has published suggestions, advisories, solutions details related to important vulnerabilities and cyber intelligence.



(2.1) The first programming code flaw occurs at "/eventscalendar/index.cfm?" page with "&DID" parameter in HTTP GET.


(2.2) The second programming code flaw occurs at "/search/index.cfm?" page with "&keyword" parameter in HTTP POST.


(2.3) The third programming code flaw occurs at "/news/index.cfm" page with "&jump2" "&DID" parameter in HTTP GET.


(2.4) The fourth programming code flaw occurs at "eventscalendar?" page with "&TPID" parameter in HTTP GET.


(2.5) The fifth programming code flaw occurs at "/meetings/index.cfm?" page with "&DID" parameter in HTTP GET.






(3) Solutions:

Leave message to vendor. No response.

http://www.cit-e.net/contact.cfm








References:

http://seclists.org/fulldisclosure/2015/Feb/48

http://lists.openwall.net/full-disclosure/2015/02/13/2

http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1587

https://www.mail-archive.com/fulldisclosure%40seclists.org/msg01683.html

https://computerpitch.wordpress.com/2015/06/07/cve-2014-8753/

http://webtechhut.blogspot.com/2015/06/cve-2014-8753.html

https://www.facebook.com/websecuritiesnews/posts/804176613035844

https://twitter.com/tetraphibious/status/607381197077946368

http://biboying.lofter.com/post/1cc9f4f5_7356826

http://shellmantis.tumblr.com/post/120903342496/securitypost-cve-2014-8753

http://itprompt.blogspot.com/2015/06/cve-2014-8753.html

http://whitehatpost.blog.163.com/blog/static/24223205420155710559404/

https://plus.google.com/u/0/113115469311022848114/posts/FomMK9BGGx2

https://www.facebook.com/pcwebsecurities/posts/702290949916825

http://securitypost.tumblr.com/post/120903225352/cve-2014-8753-cit-e-net

http://webtech.lofter.com/post/1cd3e0d3_7355910

http://www.inzeed.com/kaleidoscope/cves/cve-2014-8753/

http://diebiyi.com/articles/security/cve-2014-8753/












评论