Sun iPlanet Error Page HREF Link cross site scripting

VulDB: Sun iPlanet Error Page HREF Link cross site scripting

General

Sun

scipID: 5628
Affected: Sun iPlanet
Published: 06/30/2012 (Bugs NotHugs)
Risk: critical
Entry: 89.5% complete
Created: 07/04/2012
Updated: 07/05/2012

Summary

A vulnerability classified as critical has been found in Sun iPlanet. Affected is an unknown function of the component Error Page. The manipulation of the argument Request URI as part of a HREF Link leads to a cross site scripting vulnerability. This is going to have an impact on confidentiality, and integrity.

The weakness was presented 06/30/2012 by Bugs NotHugs. The advisory is shared for download at seclists.org. The public release happened without coordination with the vendor. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn’t require any form of authentication. Technical details and a public exploit are known.

An exploit has been developed by BugsNotHugs in HTTP Request and been published immediately after the advisory. It is declared as proof-of-concept. The exploit is shared for download at seclists.org.

It is possible to mitigate the weakness by firewalling Web Server Port. It is possible to mitigate the problem by adding .htaccess as an authentication mechanism. The problem might be mitigated by replacing the product with Apache or MS IIS as an alternative. The best possible mitigation is suggested to be applying a restrictive firewalling. The vulnerability is also documented in the vulnerability database at OSVDB (83485).