Summary
This host is running SearchBlox and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary JSP code or obtain potentially sensitive information or can overwrite arbitrary files via directory traversal sequences.
Impact Level: Application
Solution
Upgrade to SearchBlox version 7.5 build 1 or later, For updates refer to http://www.searchblox.com
Insight
Multiple flaws are due to,
- Input passed via 'name' parameter to 'servlet/CreateTemplateServlet' not properly sanitised before being used to create files.
- Error when accessing 'servlet/CollectionListServlet' servlet when 'action' is set to 'getList' can be exploited to disclose usernames and passwords from the database.
- 'admin/uploadImage.html' script allows to upload an executable file with the image/jpeg content type and it can be exploited to execute arbitrary JSP code by uploading a malicious JSP script.
Affected
SearchBlox before 7.5 build 1
Detection
Send a crafted data via HTTP GET request and check whether it is able to get confidential information.
References
Severity
Classification
-
CVE CVE-2013-3590, CVE-2013-3597, CVE-2013-3598 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- An Image Gallery Multiple Cross-Site Scripting Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability
- Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities