Summary
This host is running Openfire and is prone to multiple vulnerabilities.
Impact
Successful exploitation will let the attacker cause multiple attacks in the context of the application i.e. Cross site scripting, disclosure of sensitive information, phishing attacks through the affected parameters.
Impact level: Application/Network
Solution
Upgrade to the version 3.6.1 or later.
http://www.igniterealtime.org/downloads/index.jsp
Insight
Multiple flaws are due to,
- error in the AuthCheckFilter which causes access to administrative resources without admin authentication.
- error in the type parameter inside the file 'sipark-log-summary.jsp' which causes SQL Injection attack.
- error in the 'login.jsp' URL parameter which accept malicious chars as input which causes XSS attack.
- error in the SIP-Plugin which is deactivated by default which lets the attack install the plugin by using admin authentication bypass methods.
Affected
Openfire version prior to 3.6.1
References
Severity
Classification
-
CVE CVE-2008-6508, CVE-2008-6509, CVE-2008-6510, CVE-2008-6511 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Assesi 'bg' Parameter SQL Injection vulnerability
- A-Blog 'sources/search.php' SQL Injection Vulnerability
- AlienVault OSSIM 'date_from' Parameter Multiple SQL Injection Vulnerabilities
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability