Dr. Web Control Center Admin UI Remote Script Code Injection

Affected Products/Versions

Product Name: Dr. Web Enterprise Server
Version Number:

Product/Company Information

>From Dr. Web's website:
  "Dr.Web Enterprise Security Suite is a set of Dr.Web software products incorporating anti-viruses 
for protection of all hosts in a corporate network and a single Control Center for managing most of the products."

Dr. Web's Website can be found at http://www.drweb.com

Vulnerability Description

Dr. Web Enterprise Security Suite is managed via a web based interface called Control Center.

If an attacker suplies java script code instead of a username on the login page, this script code will be automatically executed
every time an administrative user is viewing the audit log.

This attack can be used to steal authentication cookies or to drive further attacks.

Patch Information

Patch is available from vendor.

Advisory Information

This: http://www.oliverkarow.de/research/drweb.txt


13/07/2012 - Informing Dr. Web about vulnerability
16/07/2012 - Initial response from Dr. Web
23/07/2012 - Fix successfully tested, sent response to Dr. Web
30/07/2012 - Advisory release
Rate this post
Брой прочитания на тази страница: 1324
Dr. Web Control Center XSS Vulnerability
Tagged on:

Вашият коментар

Вашият имейл адрес няма да бъде публикуван. Задължителните полета са отбелязани с *