packetstorm | Portcullis-security.com | PACKETSTORM:66179
History: May 09, 2008 - 12:00 a.m.

SAP-07-010.txt

2008-05-09 00:00:00
portcullis-security.com
packetstormsecurity.com
EPSS

0.945

Percentile

99.2%

`Portcullis Security Advisory 07_010  
  
  
Vulnerable System:   
  
SAP Internet Transaction Server  
  
  
Vulnerability Title:   
  
Re-introduction of Cross-site Scripting/Cookie Theft Vulnerability.  
  
Previous Vendor Information:  
  
Vendor originally contacted on 02.08.2003  
Product: ITS, Version 6.20  
Bugtraq ID: 8517  
CVE: CAN-2003-0749  
  
  
Vulnerability Discovery and Development:   
  
Portcullis Security Testing Services  
  
  
Credit for Discovery  
  
Andrew Davies of Portcullis Computer Security Ltd discovered this vulnerability.  
  
  
Affected systems:   
  
Version 6200.1017.50954.0, Build 730827 (win32/IIS 5.0)  
  
  
Details:  
  
Object:  
wgate.dll (win32 CGI-Communication Binary)  
  
Description:  
Insufficient input and output validation on miscellaneous user input parameters enables insertion of HTML/client-side scripting tags.  
  
Example:  
  
HTTP-Requests:  
  
  
http://example.com/scripts/wgate.dll?~service=--><img%09src=javascript:alert(xss);  
or:  
http://example.com/scripts/wgate/%22);alert('xss');alert(%22a/!  
  
Impact:  
  
Because cookies are used extensively for managing sessions and/or state, cookie theft is very likely.  
  
Vendor Status:  
  
Vendor advised and has stated that the solution and workaround are available through SAP note 1052053.  
  
  
Copyright:   
  
Copyright © Portcullis Computer Security Limited 2007, All rights reserved   
worldwide. Permission is hereby granted for the electronic redistribution of this   
information. It is not to be edited or altered in any way without the express   
written consent of Portcullis Computer Security Limited.  
  
  
Disclaimer:   
  
The information herein contained may change without notice. Use of this   
information constitutes acceptance for use in an AS IS condition. There are   
NO warranties, implied or otherwise, with regard to this information or its   
use. Any use of this information is at the user's risk. In no event shall the   
author/distributor (Portcullis Computer Security Limited) be held liable for   
any damages whatsoever arising out of or in connection with the use or spread   
of this information.  
`
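
A defender-side check for the two request shapes shown in the advisory, as an added example that is not part of the Portcullis advisory or of any SAP code: it scans access-log lines for wgate requests whose decoded path or parameters contain markup characters. The log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Requests handled by the ITS gateway: /scripts/wgate.dll or /scripts/wgate/...
WGATE = re.compile(r"/scripts/wgate(?:\.dll)?(?=/|$)", re.I)
# Characters that let input close an HTML comment or tag, or a script string.
MARKUP = re.compile(r"[<>\"']")
SCRIPT_URL = re.compile(r"javascript:", re.I)

def decode(value, rounds=3):
    """Percent-decode a few times so double-encoded input is normalised too."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def inspect_request(target):
    """Return the reasons a request target looks like markup injection into wgate."""
    parts = urlsplit(target)
    hit = WGATE.search(parts.path)
    if not hit:
        return []
    reasons = []
    if MARKUP.search(decode(parts.path[hit.end():])):
        reasons.append("markup characters in path after wgate")
    for pair in filter(None, parts.query.split("&")):
        name, _, value = pair.partition("=")
        value = decode(value)
        # Tabs and newlines (e.g. %09) can split the scheme, so drop whitespace first.
        if MARKUP.search(value) or SCRIPT_URL.search(re.sub(r"\s", "", value)):
            reasons.append(f"markup or script URL in parameter {decode(name)}")
    return reasons

# Constructed access-log lines: client, method, request target, status.
SAMPLE_LOG = """\
192.0.2.10 GET /scripts/wgate.dll?~service=webgui 200
192.0.2.44 GET /scripts/wgate.dll?~service=--><img%09src=javascript:alert(xss); 200
192.0.2.44 GET /scripts/wgate/%22);alert('xss');alert(%22a/! 200
192.0.2.10 GET /index.html?q=<b> 200
"""

def scan(log_text):
    """Return (client, target, reasons) for each flagged log line."""
    rows = (line.split() for line in log_text.splitlines() if line.strip())
    checked = ((r[0], r[2], inspect_request(r[2])) for r in rows)
    return [row for row in checked if row[2]]

if __name__ == "__main__":
    for client, target, reasons in scan(SAMPLE_LOG):
        print(client, target, "; ".join(reasons))
```

Requests outside the wgate path are deliberately ignored, so the last sample line is not reported even though it carries markup.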
