Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 May 2014 15:03:09 +0300
From: Dolev Farhi <>
To: oss-security <>, cve-assign <>
Subject: Zenoss Open Source monitoring System - Open Redirect & Stored XSS Vulnerabilities


Several security issues were found in Zenoss monitoring system.

1.  Stored XSS.
A persistent XSS vulnerability was found in Zenoss core, by creating a
malicious host with the Title <script>alert("Xss")</script> any user
to the relevant manufacturers page will get a client-side script executed

Proof of concept:
1. Create a device with with the Title <script>alert("XSS")</script>
 2. Navigate to the  Infrastructure -> Manufacturers page.
 3. pick the name of the manufacturer of the device, e.g. Intel
 4. select the type of the hardware the device is assigned to, e.g.
GenuineIntel_ Intel(R) Core(TM) i7-2640M CPU _ 2.80GHz
 5. the XSS Executes.
    <tr class="even">
      <td class="tablevalues"><a
      <td class="tablevalues">GenuineIntel_        Intel(R) Core(TM)
i7-2640M CPU _ 2.80GHz</td>

2. Open Redirect vulnerability.
an open redirect is possible via http://zenoss[ ]  allowing an
attacker to redirect a user to a malicious website.

Can CVE numbers please be assigned to these?


additional proof of concept vid.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ