Symantec Norton Internet Security错误消息跨站脚本执行漏洞

Symantec Norton Internet Security错误消息跨站脚本执行漏洞

漏洞ID 1107540 漏洞类型 输入验证
发布时间 2003-10-27 更新时间 2005-10-20
图片[1]-Symantec Norton Internet Security错误消息跨站脚本执行漏洞-安全小百科CVE编号 CVE-2003-1149
图片[2]-Symantec Norton Internet Security错误消息跨站脚本执行漏洞-安全小百科CNNVD-ID CNNVD-200310-078
漏洞平台 CGI CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/23304
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200310-078
|漏洞详情
NortonInternetSecurity是一款Symantec公司开发和维护的网络防护系统,其核心是独立的NortonPersonalFirewall2003。NortonInternetSecurity没有过滤返回给用户的错误消息,远程攻击者可以利用这个漏洞进行跨站脚本攻击,可能获得用户敏感消息。当NortonInternetSecurity2003拦截某个WEB站点时,会返回WEB页面到浏览器,声明此站点已经被拦截,这个错误消息包含所请求的URL信息。NortonInternetSecurity2003在返回错误消息前没有充分过滤URL编码信息,这允许攻击者提供包含恶意脚本的URL,就可以导致脚本以被阻拦站点上下文运行。可能获得用户敏感信息。
|漏洞EXP
source: http://www.securityfocus.com/bid/8904/info

It has been reported that Symantec Norton Internet Security is prone to a cross-site scripting vulnerability. The issue is reported to exist when the software blocks a restricted website and an error message containing the requested URL is returned to the user. This URL is not sanitized for malicious input therefore allowing a remote attacker to execute HTML or script code in the browser of a user running the vulnerable software. The script code would run in the context of the blocked site.

Successful exploitation of this attack may allow an attacker to steal cookie-based authentication information that could be used to launch further attacks.

Norton Internet Security 2003 v6.0.4.34 has been reported to be prone to this issue, however other versions may be affected as well.

http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT>
|参考资料

来源:BID
名称:8904
链接:http://www.securityfocus.com/bid/8904
来源:OSVDB
名称:2714
链接:http://www.osvdb.org/2714
来源:XF
名称:norton-is-blocked-xss(13528)
链接:http://xforce.iss.net/xforce/xfdb/13528
来源:BUGTRAQ
名称:20031027NortonInternetSecurity2003XSS
链接:http://www.securityfocus.com/archive/1/342548
来源:securityresponse.symantec.com
链接:http://securityresponse.symantec.com/avcenter/security/Content/2003.10.27.html
来源:SECUNIA
名称:10067
链接:http://secunia.com/advisories/10067

相关推荐: AIX sysback权限提升漏洞

AIX sysback权限提升漏洞 漏洞ID 1206221 漏洞类型 未知 发布时间 2000-12-10 更新时间 2000-12-10 CVE编号 CVE-2000-1222 CNNVD-ID CNNVD-200012-001 漏洞平台 N/A CVSS…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享