Web application abuses : Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902047

Categoría: Web application abuses

Título: Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities

Resumen: Atlassian JIRA is prone to privilege escalation and multiple cross; site scripting vulnerabilities.

Descripción: Summary:
Atlassian JIRA is prone to privilege escalation and multiple cross
site scripting vulnerabilities.

Vulnerability Insight:
The flaws are caused because input passed to the

- 'element' or 'defaultColor' parameters to the 'Colour Picker' page,

- 'formName' and 'element' parameters and the 'full user name' field to the
'User Picker' and 'Group Picker' page,

- 'announcement_preview_banner_st' parameter to the 'Announcement Banner Preview' page,

- 'portletKey' parameter to 'runportleterror.jsp',
URL to 'issuelinksmall.jsp',

- 'afterURL' parameter to 'screenshot-redirecter.jsp',

- 'Referrer' HTTP request header to '500page.jsp'

- 'groupnames.jsp', 'indexbrowser.jsp', 'classpath-debug.jsp',
'viewdocument.jsp', and 'cleancommentspam.jsp' are not properly sanitised before being returned to the user.

It allows administrative users to change certain path settings, which can be
exploited to gain operating system account privileges to the server infrastructure.

Vulnerability Impact:
Successful exploitation will let attackers to execute arbitrary script or
gain higher privileges.

Affected Software/OS:
Atlassian JIRA version 3.12 through 4.1

Solution:
Upgrade to the Atlassian JIRA version 4.1.1 or later.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-1164
BugTraq ID: 39485
http://www.securityfocus.com/bid/39485
http://www.openwall.com/lists/oss-security/2010/04/16/3
http://www.openwall.com/lists/oss-security/2010/04/16/4
http://secunia.com/advisories/39353
XForce ISS Database: jira-element-xss(57827)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57827
XForce ISS Database: jira-groupnames-xss(57826)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57826
Common Vulnerability Exposure (CVE) ID: CVE-2010-1165
XForce ISS Database: jira-pathsettings-priv-escalation(57828)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57828

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902047
Categoría:	Web application abuses
Título:	Atlassian JIRA Privilege Escalation and Multiple Cross Site Scripting Vulnerabilities
Resumen:	Atlassian JIRA is prone to privilege escalation and multiple cross; site scripting vulnerabilities.
Descripción:	Summary: Atlassian JIRA is prone to privilege escalation and multiple cross site scripting vulnerabilities. Vulnerability Insight: The flaws are caused because input passed to the - 'element' or 'defaultColor' parameters to the 'Colour Picker' page, - 'formName' and 'element' parameters and the 'full user name' field to the 'User Picker' and 'Group Picker' page, - 'announcement_preview_banner_st' parameter to the 'Announcement Banner Preview' page, - 'portletKey' parameter to 'runportleterror.jsp', URL to 'issuelinksmall.jsp', - 'afterURL' parameter to 'screenshot-redirecter.jsp', - 'Referrer' HTTP request header to '500page.jsp' - 'groupnames.jsp', 'indexbrowser.jsp', 'classpath-debug.jsp', 'viewdocument.jsp', and 'cleancommentspam.jsp' are not properly sanitised before being returned to the user. It allows administrative users to change certain path settings, which can be exploited to gain operating system account privileges to the server infrastructure. Vulnerability Impact: Successful exploitation will let attackers to execute arbitrary script or gain higher privileges. Affected Software/OS: Atlassian JIRA version 3.12 through 4.1 Solution: Upgrade to the Atlassian JIRA version 4.1.1 or later. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1164 BugTraq ID: 39485 http://www.securityfocus.com/bid/39485 http://www.openwall.com/lists/oss-security/2010/04/16/3 http://www.openwall.com/lists/oss-security/2010/04/16/4 http://secunia.com/advisories/39353 XForce ISS Database: jira-element-xss(57827) https://exchange.xforce.ibmcloud.com/vulnerabilities/57827 XForce ISS Database: jira-groupnames-xss(57826) https://exchange.xforce.ibmcloud.com/vulnerabilities/57826 Common Vulnerability Exposure (CVE) ID: CVE-2010-1165 XForce ISS Database: jira-pathsettings-priv-escalation(57828) https://exchange.xforce.ibmcloud.com/vulnerabilities/57828
Copyright	Copyright (C) 2010 Greenbone AG