Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 7 Apr 2017 19:49:58 -0300
From: Oliveira Lima <oliveiralimajr@...il.com>
To: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Request CVE ID for information disclosure present in ForgeRock
 OpenIDM 4.0.0 and 4.5.0

Request CVE ID for information disclosure present in ForgeRock OpenIDM
4.0.0 and 4.5.0

Description
***********************

The OpenIDM info endpoint may leak sensitive information under certain
circumstances.
Looking closely I noticed that amid the requests for access to solution idm
several requests on behalf of a user: "anonymous", editing these requests I
got a return code 200, containing information from the internal server,
such as addresses Ips, thus characterizing an information disclosure
vulnerability.


Proof of Concept URL
***************************

*http://www.rootlabs.com.br/information-disclosure-forgerock-openidm-4-0-0-and-4-5-0/
<http://www.rootlabs.com.br/information-disclosure-forgerock-openidm-4-0-0-and-4-5-0/>*

Report Timeline
************************
10-Jan-2017- Reported
11-Jan-2017- Vendor Response
28 -March-2017- Vendor Fixed
07-April-2017- Public disclosed

Vendo Reference
*****************
*https://backstage.forgerock.com/knowledge/kb/article/a92936505
<https://backstage.forgerock.com/knowledge/kb/article/a92936505>*
<https://br.wordpress.org/plugins/simple-photo-gallery/changelog/>
References
*****************

<https://br.wordpress.org/plugins/simple-photo-gallery/changelog/>
https://www.owasp.org/index.php/Information_Leak_(information_disclosure)
<http://www.rootlabs.com.br/xss-simple-photo-gallery/>
*https://backstage.forgerock.com/knowledge/kb/article/a92936505
<https://backstage.forgerock.com/knowledge/kb/article/a92936505>*

*http://www.rootlabs.com.br/information-disclosure-forgerock-openidm-4-0-0-and-4-5-0/
<http://www.rootlabs.com.br/information-disclosure-forgerock-openidm-4-0-0-and-4-5-0/>*

-- 
Oliveira Lima Jr
roothc.com.br
Linkedin <http://br.linkedin.com/pub/oliveira-lima-junior/2b/48/285/>
@oliveiralimajr <https://twitter.com/oliveiralimajr>

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ