WebApp Sec mailing list archives

Praetorian Advisory: Reflective XSS in Alkaline Search Engine Server


From: Praetorian Advisories <advisory () praetoriangrp com>
Date: Wed, 10 Feb 2010 11:26:01 -0600

Advisory Title: Reflective XSS in Alkaline Search Engine Server
Release Date: 02-10-2010
Vendor: Vestris, Inc.
Application: Alkaline Search Engine Server
Version: 1.9

Overview:
Alkaline is a multi-platform, all-in-one index and search engine server.

Details:
The web interface of the Alkaline Search Engine Server neither validates
the request path nor HTML-encodes it before echoing it in the error page
it returns. Consequently, an unauthenticated attacker can use the
Alkaline server to perform reflected cross-site scripting attacks
against its users by placing arbitrary script content in the request
URL, which the server displays verbatim in its error message.
Example (with <9999> standing in for the port on which the instance listens):
http://somealkalineserver.com:<9999>/<script>alert('test');</script>/a
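The check below, added here as an example and not code from Praetorian or Vestris, reproduces the advisory's request shape (payload in the URL path, sent raw) with a harmless marker instead of a live script, and classifies the response as echoing the marker unencoded (the flaw described above), entity-encoded, or not at all. The sample error pages it runs against are constructed for the demonstration; the exact wording of Alkaline's error message is not known from the advisory, and the marker value and function names are assumptions.

```python
"""Probe for a server that echoes the request path, unencoded, into its
error page (the Alkaline 1.9 behaviour described above).

Added example, not Praetorian's or Vestris' code.  The response bodies
below are constructed to stand in for an Alkaline error page; they are
not captures from a real instance.
"""
import html
import http.client

# A harmless, unambiguous marker (hypothetical value).  It is not
# executable, so the probe can be sent to a production host without
# firing a script in anyone's browser; if it comes back unencoded, the
# page would equally have echoed the advisory's <script> payload.
PROBE = "<xss-probe-7f3a>"

# Constructed sample responses, not real Alkaline output.
VULNERABLE_BODY = (
    "<html><body><h1>Error</h1>"
    "Document /<xss-probe-7f3a>/a not found.</body></html>"
)
SAFE_BODY = (
    "<html><body><h1>Error</h1>"
    "Document /&lt;xss-probe-7f3a&gt;/a not found.</body></html>"
)


def build_probe_path(marker=PROBE):
    """Mirror the advisory's example: the payload sits in the URL path,
    not in a query string, and is sent raw rather than percent-encoded."""
    return f"/{marker}/a"


def classify_reflection(body, marker=PROBE):
    """Return how the marker appears in a response body.

    'unescaped' - echoed verbatim into HTML: exploitable.
    'escaped'   - echoed but entity-encoded: output was sanitised.
    'absent'    - not reflected at all.
    """
    if marker in body:
        return "unescaped"
    if html.escape(marker, quote=False) in body:
        return "escaped"
    return "absent"


def safe_error_page(path):
    """The output encoding the server was missing: entity-encode the path
    before placing it in the error page.  Illustrative only; no patch
    for Alkaline exists (see Vendor Response)."""
    return (
        "<html><body><h1>Error</h1>"
        f"Document {html.escape(path)} not found.</body></html>"
    )


def probe_server(host, port, marker=PROBE, timeout=5):
    """Live check against a host you are authorised to test.  http.client
    sends the path as given, so the angle brackets are not percent-encoded
    the way a browser would encode them, matching the advisory's URL."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", build_probe_path(marker))
        resp = conn.getresponse()
        body = resp.read().decode("utf-8", errors="replace")
    finally:
        conn.close()
    return resp.status, classify_reflection(body, marker)


if __name__ == "__main__":
    # Offline demonstration on the constructed bodies.
    print("vulnerable sample:", classify_reflection(VULNERABLE_BODY))
    print("safe sample:      ", classify_reflection(SAFE_BODY))
    print("encoded output:   ",
          classify_reflection(safe_error_page(build_probe_path())))
```

Run `probe_server("somealkalineserver.com", 9999)` only against instances you own or are authorised to test; a result of `"unescaped"` means the path reaches the page as live HTML, and the only remediation available is the one in the Recommendation section, since the vendor no longer ships fixes.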

Vendor Response:
The vendor, Vestris Inc, has been contacted on the matter and stated
that both the software and the company are no longer in operation.
Alkaline version 1.9 is the last release of the product, and no patches
will be made available for this or any other vulnerability. According
to the company's website, "Vestris is gone, but we're giving it all away
for free. You can download software from this page..."
Although the product has reached end of life, the software is still
available for download and has been identified in DMZ environments.
For these reasons, there is still value in disclosure.

Recommendation:
Given the state of the software, end users should ascertain whether
instances identified in their environment still serve a legitimate
purpose and decommission those that do not. A cursory review suggests
that several other vulnerabilities are present in the product, but an
in-depth analysis has not been performed.

For more information please visit http://www.praetoriangrp.com or
email research () praetoriangrp com
Praetorian General PGP Key:
http://www.praetoriangrp.com/praetorian.asc


