Dell packetTrap PSA Multiple HTML Injection Vulnerabilities

Release date: 2013-07-18
Updated: 2013-07-19

Affected systems:
Dell packetTrap PSA
Description:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 61318

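Dell packetTrap PSA is IT management and network monitoring software.

Dell packetTrap PSA 7.1 contains multiple HTML injection vulnerabilities. Successful exploitation allows attacker-supplied HTML and script code to run in the context of the affected browser and to perform unauthorized database operations.

<*Source: Benjamin Kunz Mejri
  *>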

Test method:
--------------------------------------------------------------------------------

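Warning

The following program (method) may be offensive in nature and is provided for security research and teaching purposes only. Use at your own risk!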

Review: Contract Overview & Edit - Listing

<div>
<h1>Contract: <span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></h1>
<h2><a href="https://www.example.com/customers/customer.aspx?customerId=33628564"><span
id="lblCustomerName">Sample Customer</span></a></h2>
</div>

... &

<td>Contract Name:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span>
</td>
</tr>


Review: Equipment Item Overview & Edit - Listing

<td>
Purchase Info.:
</td>
<td>
<span>Purchased on Dec 11, 2012 from "><[PERSISTENT INJECTED SCRIPT CODE!]></span>
</td>
</tr>


Review: Import Customer Equipment Records Overview - Listing

</tr><tr valign="top">
<td><!--?php</td-->
</td></tr><tr valign="top">
<td>phpinfo();</td> O_O
</tr><tr valign="top">
<td>?></td>
</tr><tr valign="top">
<td>><[PERSISTENT INJECTED SCRIPT CODE!](</td">
</tr>
</table>


Review: Labor Rate Details - Listing

<td>
Name/No.:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span>
</td>
</tr>
<tr>
<td>Description:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>

... &

<td>Account Name:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>


Review: Materials Item Overview - Listing

<span>"><[PERSISTENT INJECTED SCRIPT CODE!]">
</td>
</tr>
<tr>
<td>
Description:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>

... &

<table cellpadding="4" cellspacing="0">
<tbody><tr>
<td colspan="2">
<hr></td>
</tr>
<tr>
<td>Manufacturer:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>
<tr><td>Mfr. Item No.:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>
<tr><td>Mfr. Item Desc.:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>


... &


<tr><td>Account Name:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>
<tr>
<td colspan="2">
<hr></td>
</tr>
<tr>
<td>Id:</td>
<td>
<span>33583304</span></td>
</tr>
<tr>
<td>Created:</td>
<td>
<span>by the storm on Dec 9, 2012 at 5:11 PM</span></td>
</tr>
<tr>
<td colspan="2">
<hr></td>
</tr>
<tr>
<td>Notes:</td>
<td>
<span>"><[PERSISTENT INJECTED SCRIPT CODE!]></span></td>
</tr>

Review: New customer Account Details - Listing

<tbody><tr>
<td>
<strong>Primary Contact:</strong>
</td>
<td>
<span><a href="https://www.example.com/customers/contact.aspx?customerId=33628565&;
contactId=33637457">"><iframe src=https://www. "><iframe src=https://www.</a>, () -,
<a href="https://www.linuxidc.com/mailto:";><[PERSISTENT INJECTED SCRIPT CODE!]>">"><[PERSISTENT INJECTED SCRIPT CODE!]></a></span>
</td>
</tr>
<tr>
<td>
<strong>Primary Location:</strong>
</td>
<td>
<span><a href="https://www.example.com/customers/location.aspx?customerId=33628565&;
locationID=33649992">"><[PERSISTENT INJECTED SCRIPT CODE!]</a>, "><[PERSISTENT INJECTED SCRIPT CODE!]>
(<a href="https://www.example.com/tools/getMap.aspx?customerLocationId=33649992">Get
Map</a>)</span>
</td>
</tr>
</tbody>
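
The listings above show stored field values (contract name, description, notes, contact name) reaching the page as markup. The following Python sketch is an added example, not code from the advisory or from packetTrap PSA: it renders a detail row and a contact link with output encoding, then uses a parser-based check to confirm that a stored value cannot add tags. The function names, the probe value and the link path are assumptions.

```python
import html
from html.parser import HTMLParser

# Constructed probe value: harmless markup that closes an attribute and opens a tag.
PROBE = '"><i>probe</i>'

def render_row_unsafe(label, value):
    """Pattern behind the listings: stored text concatenated straight into markup."""
    return f"<tr><td>{label}</td><td><span>{value}</span></td></tr>"

def render_row(label, value):
    """Same row with the stored value HTML-encoded for element-text context."""
    return (f"<tr><td>{html.escape(label)}</td>"
            f"<td><span>{html.escape(value)}</span></td></tr>")

def render_contact_link(customer_id, contact_id, name):
    """Link shaped like the 'Primary Contact' listing (path is an assumption).
    Ids are forced to integers; the href and the link text are encoded."""
    href = (f"/customers/contact.aspx?customerId={int(customer_id)}"
            f"&contactId={int(contact_id)}")
    return f'<a href="{html.escape(href)}">{html.escape(name)}</a>'

class Collector(HTMLParser):
    """Collects start tags, attributes and decoded text of a fragment."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.attrs, self.text = [], [], []
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(attrs)
    def handle_data(self, data):
        self.text.append(data)

def parse(fragment):
    """Return (tags, attrs, text) as an HTML parser sees the fragment."""
    c = Collector()
    c.feed(fragment)
    c.close()
    return c.tags, c.attrs, "".join(c.text)

def adds_markup(render, *fixed):
    """True if rendering PROBE yields different tags than rendering plain text."""
    return parse(render(*fixed, PROBE))[0] != parse(render(*fixed, "plain"))[0]

if __name__ == "__main__":
    print("unsafe row adds markup:", adds_markup(render_row_unsafe, "Contract Name:"))
    print("encoded row adds markup:", adds_markup(render_row, "Contract Name:"))
    print("encoded link adds markup:", adds_markup(render_contact_link, 33628565, 33637457))
```

The `adds_markup` check works as a regression test for any template that renders a stored field: the tag structure must be identical whether the field holds plain text or the probe.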


Review: Report - Listing
