by r0t,der4444,cembo,VietMafia

Tuesday, June 20, 2006

Atlassian JIRA™ Information Disclosure

###############################################
Vuln. discovered by : r0t
Date: 20 june 2006
vendor:http://www.atlassian.com/software/jira/
affected versions:
Enterprise Edition, Version: 3.6.2-#156
other versions also can be affected
###############################################

Vuln. Description:



Input passed via the URL when accessing "secure/ConfigureReleaseNote.jspa" directly isn't properly sanitised before being returned to the user in an error response. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Atlassian JIRA™ contains a flaw that allows malicious people to gain knowledge of various system information.Input passed to the "projectId" parameter in "secure/ConfigureReleaseNote.jspa" isn't properly sanitised before being returned to the user.
With error message/report remote attacker will get various system information in example to get full install path, used software,general system configuration.


###############################################
Solution:
Restrict access to the "secure/ConfigureReleaseNote.jspa" script in a proxy server or firewall with URL filtering capabilities. This may affect functionality.

###############################################
More information @ unsecured-systems.com/forum/

0 Comments:

Post a Comment

<< Home

 
Copyright (c) 2006 Pridels Sec Crew