OpenAdmin Tool for Informix informixserver Parameter XSS

medium Nessus Plugin ID 56172

Synopsis

The remote web server hosts a PHP script that is prone to a cross- site scripting attack.

Description

The instance of OpenAdmin Tool for Informix hosted on the remote web server fails to sanitize user input to the 'informixserver' parameter of its 'index.php' script before using it to generate dynamic HTML output.

An attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected site.

Note that this script is likely affected by other cross-site scripting issues involving the 'host' and 'port' parameters as well, although Nessus has not checked for them.

Solution

Upgrade to OpenAdmin Tool version 2.72 or later as that reportedly fixes the vulnerability.

See Also

http://voidroot.blogspot.com/2011/08/xss-in-ibm-open-admin-tool.html

https://seclists.org/bugtraq/2011/Aug/203

Plugin Details

Severity: Medium

ID: 56172

File Name: openadmin_tool_informixserver_xss.nasl

Version: 1.12

Type: remote

Published: 9/13/2011

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:ibm:openadmin_tool

Required KB Items: www/PHP, www/openadmin

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 3/1/2011

Vulnerability Publication Date: 8/19/2011

Reference Information

CVE: CVE-2011-3390

BID: 49364

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990