224
phpGroupWare prior 0.9.16.003 cross site scripting
CGI
2004/09/14
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
Marc Ruef
marc dot ruef at computec dot ch
http://www.computec.ch
computec.ch
2004/11/14
2.0
Corrected the plugin structure and added the accuracy values in 1.1. Improved the pattern matching and introduced the plugin changelog in 2.0
tcp
80
open|send GET /login.php HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *phpGroupWare*0.[0-8].* OR HTTP/#.# ### *phpGroupWare*0.9.0* OR HTTP/#.# ### *phpGroupWare*0.9.1[0-3]* OR HTTP/#.# ### *phpGroupWare*0.9.14.00[0-6]*
80
This ATK plugin is inspired by the Nessus plugin.
info at phpgroupware dot org
http://www.phpgroupware.org
phpgroupware.org
2004/09/07
http://downloads.phpgroupware.org/changelog
phpGroupWare prior 0.9.16.003
phpGroupWare newer than 0.9.16.003 or other solutions
Cross Site Scripting
The target system is running phpGroupWare prior 0.9.16.003, a multi-user groupware suite written in PHP. There is a cross site scripting vulnerability in it. An attacker may use this flaw to steal the cookies of the victim or may perform other attacks.
You should install or upgrade the software to the latest version. See http://www.phpgroupware.org for more details. Change the default directory of the affected suite to make it harder to run pre-defined and automated attacks against the vulnerability. Also limit unwanted connections and communications with firewalling if possible.
Approx. 30 minutes
Maybe
http://www.securityfocus.com/bid/11144/exploit/
Yes
No
Medium
4
8
7
5
Low
Nessus is able to do the same check,
11130
14708
Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
http://www.phpgroupware.org
