The login page for the Nagios XI management interface prior to version 2009R1.3 is vulnerable to cross-site scripting (XSS). This vulnerability does not require the victim to be authenticated. This vulnerability was originally thought to be addressed in version 2009R1.2C.
e70887b72d05c6675a468a37609a7d93b2d59e5dfb89be8044b6c7db330dace2 Nagios XI Login XSS
Advisory ID: NGENUITY-2010-007
Vulnerability Information
Class: Cross-Site Scripting (XSS)
Software Description
Nagios XI is the commercial / enterprise version of the open source
Nagios project.
Vulnerability Description
The login page for the Nagios XI management interface prior to version
2009R1.3 is vulnerable to cross-site scripting (XSS). This vulnerability
does not require the victim to be authenticated. This vulnerability was
originally thought to be addressed in version 2009R1.2C.
All the parameters of the login page are vulnerable to injection and
execution of JavaScript. This does not require authentication, but if
the user is authenticated can provide a reasonably easy way to do
whatever actions you want as the Admin user (and negates CSRF protection
that has recently been implemented).
Vendor recommends upgrading to version 2009R1.3 or later.
Technical Description
Here is a non-malicious example. The input after login.php is inserted
into the permalink_base variable without being sanitized.
http://example.com/nagiosxi/login.php?%22;alert%281%29;//
Credits
This vulnerability was discovered by Adam Baldwin
Original Advisory
http://ngenuity-is.com/advisories/2010/aug/19/nagios-xi-login-xss/
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed