Credit:
The information has been provided by Benjamin Kunz Mejri.
The original article can be found at: http://packetstormsecurity.org/files/117298/VL-541.txt
Vulnerable Systems:
* LAN Messenger 1.2.28
An attacker may leverage this issue to execute arbitrary script code in the context of the affected application.
LAN Messenger is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Messagebox Display and Input modules. A remote attacker could exploit this vulnerability using the username field to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
A persistent software vulnerability is detected in LAN Messenger v1.2.28. The bug is located in the profile display
and nickname validation of the software. It allows a remote attacker to store their own malicious script code in the
profile nickname. The code is executed when the attacker writes the victim a message: the unvalidated nickname is
rendered as part of the messagebox output while a message is being composed or displayed. Successful exploitation can
lead to persistent session hijacking, malicious external redirects, and persistent script code execution that
compromises the connected network client system.
Vulnerable Module(s):
[+] Username as seen by Contacts - Messagebox Display & Input
Proof of Concept:
The persistent profile vulnerability can be exploited by remote attackers with low user interaction required.
To demonstrate or reproduce:
1. Open LAN Messenger v1.2.28 and click the top menu > Tools
2. Switch to > Preferences > Account
3. Enter your own persistent script code, using the character-obfuscation trick, into the "Username as seen by Contacts" field
4. Write a message to the target system to trigger the persistent payload via the profile display nickname
PoC:
"><iFrAmE sRc=A oNlOaD=aLeRt("VL") <
... or, the same payload percent-encoded:
%22%3E%3C%69%46%72%41%6D%45%20%73%52%63%3D%41%20%6F%4E%6C%4F%61%44%3D%61%4C%65%52%74%28%22%56%4C%22%29%20%3C
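The root cause described above is that the nickname is rendered as markup in the messagebox instead of as plain text. The following Python snippet is an added example written for this page, not code from LAN Messenger or from the advisory author; it shows the two defensive controls a client would apply to the "Username as seen by Contacts" field: an allow-list validation at input time and HTML output encoding at render time. The two payloads are the ones quoted in the PoC above (the encoded one is percent-decoded first, because a filter that only looks at the raw string would let it through), and `NICKNAME_MAX_LEN` plus the function names are assumptions of this example.

```python
import html
import re
from urllib.parse import unquote

# Payloads quoted from the advisory's PoC section; used here only to show
# that they are neutralised by validation and output encoding.
ADVISORY_PAYLOAD_RAW = '"><iFrAmE sRc=A oNlOaD=aLeRt("VL") <'
ADVISORY_PAYLOAD_ENCODED = (
    "%22%3E%3C%69%46%72%41%6D%45%20%73%52%63%3D%41%20%6F%4E%6C%4F%61%44"
    "%3D%61%4C%65%52%74%28%22%56%4C%22%29%20%3C"
)

NICKNAME_MAX_LEN = 32  # hypothetical policy limit, not a LAN Messenger setting


def normalise_nickname(raw: str) -> str:
    """Decode one layer of percent-encoding so checks see the real characters.

    Validating the encoded form would miss the second PoC payload entirely.
    """
    return unquote(raw)


def nickname_is_acceptable(raw: str) -> bool:
    """Input-side control: allow-list of letters, digits, space, '_', '.', '-'.

    Anything that could start a tag or attribute ('<', '>', '"', '=', '(')
    is rejected outright, so the payloads never reach the profile store.
    """
    nick = normalise_nickname(raw)
    if not 1 <= len(nick) <= NICKNAME_MAX_LEN:
        return False
    return re.fullmatch(r"[A-Za-z0-9 _.\-]+", nick) is not None


def render_nickname_for_messagebox(raw: str) -> str:
    """Output-side control: the nickname is text, so escape every HTML metacharacter.

    This is the fix that matters even if a stored profile was already poisoned:
    '<', '>', '&', '"' and "'" become entities and cannot form markup.
    """
    return html.escape(normalise_nickname(raw), quote=True)


def looks_like_markup(raw: str) -> bool:
    """Audit helper for existing profile data: flag nicknames containing a tag opener."""
    return "<" in normalise_nickname(raw)


if __name__ == "__main__":
    for payload in (ADVISORY_PAYLOAD_RAW, ADVISORY_PAYLOAD_ENCODED):
        print("accepted:", nickname_is_acceptable(payload))
        print("rendered:", render_nickname_for_messagebox(payload))
        print("flagged :", looks_like_markup(payload))
    print("accepted:", nickname_is_acceptable("Alice_01"))
```

Output encoding at the point where the nickname is drawn into the message view is the real fix; the allow-list is defence in depth that keeps obfuscated variants (mixed-case tag names, percent-encoding) out of the profile store, and `looks_like_markup` is the kind of one-line check an administrator could run over already stored profiles after upgrading.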
CVE Information:
CVE-2012-5379
Disclosure Timeline:
2012-05-16: Public or Non-Public Disclosure