Summary
This host is running OpenFire and is prone to multiple vulnerabilities.
Impact
Attacker may leverage this issue by executing arbitrary script code or injecting HTML or JavaScript code in the context of the affected system and can cause directory traversal or XSS attack.
Impact Level: System
Solution
Upgrade to OpenFire version 3.6.3
http://www.igniterealtime.org/downloads/index.jsp
Insight
Application fails to sanitise the user inputs in,
- log parameter to logviewer.jsp and log.jsp files, - search parameter to group-summary.jsp file,
- username parameter to user-properties.jsp file,
- logDir, maxTotalSize, maxFileSize, maxDays, and logTimeout parameters to audit-policy.jsp file,
- propName parameter to server-properties.jsp file, and - roomconfig_roomname and roomconfig_roomdesc parameters to muc-room-edit-form.jsp file.
Affected
Ignite Realtime Openfire version prior to 3.6.3 on all platforms
References
Severity
Classification
-
CVE CVE-2009-0496, CVE-2009-0497 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Web Server ETag Header Information Disclosure Weakness
- Apache Struts2 'XWork' Information Disclosure Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-01 Jan-14
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Apache Struts2/XWork Remote Command Execution Vulnerability