VU#950172: Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability

Vulnerability Note VU#950172
Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability

Original Release date: 09 Jan 2013 | Last revised: 09 Jan 2013

Overview

Dell OpenManage Server Administrator version 7.1.0.1 and earlier contains a DOM-based cross-site scripting vulnerability.

Description

CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

Dell OpenManage Server Administrator version 7.1.0.1 and earlier contains a DOM-based cross-site scripting vulnerability.

Impact

A remote attacker may be able to execute arbitrary script in the context of the end-user’s browser session.

Solution

We are currently unaware of a practical solution to this problem.

Restrict Access

The Dell OpenManage Server Administrator interface should not be Internet facing.

Vendor Information

The vulnerability reporter has confirmed that Dell OpenManage Server Administrator 6.5.0.1, 7.0.0.1 and 7.1.0.1 are affected by this vulnerability.

Vendor                           Status    Date Notified  Date Updated
Dell Computer Corporation, Inc.  Affected  20 Nov 2012    04 Jan 2013

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group          Score  Vector
Base           5.0    AV:N/AC:L/Au:N/C:N/I:P/A:N
Temporal       3.6    E:U/RL:W/RC:UC
Environmental  1.4    CDP:LM/TD:L/CR:ND/IR:ND/AR:ND

References

http://cwe.mitre.org/data/definitions/79.html

Credit

Thanks to Tenable Network Security for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs:
CVE-2012-6272

Date Public:
09 Jan 2013

Date First Published:
09 Jan 2013

Date Last Updated:
09 Jan 2013

Document Revision:
5

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

VU#281284: Samsung Printer firmware contains a hardcoded SNMP community string

Vulnerability Note VU#281284
Samsung Printer firmware contains a hardcoded SNMP community string

Original Release date: 26 Nov 2012 | Last revised: 07 Dec 2012

Overview

Samsung printers contain a hardcoded SNMP community string that could allow a remote attacker to take control of an affected device.

Description

Samsung printers (as well as some Dell printers manufactured by Samsung) contain a hardcoded SNMP full read-write community string that remains active even when SNMP is disabled in the printer management utility.

Impact

A remote, unauthenticated attacker could access an affected device with administrative read/write privileges. Secondary impacts include the ability to make changes to the device configuration, access to sensitive information (e.g., device and network information, credentials, and information passed to the printer), and possibly the ability to leverage further attacks through arbitrary code execution.

Solution

Samsung and Dell have stated that models released after October 31, 2012 are not affected by this vulnerability. Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices.

Dell also indicated that they have released updated firmware for all affected models currently being sold to address this vulnerability. A copy of this updated firmware is available for download at: http://del.ly/PrinterSNMPFix

Block Port 1118/udp

The reporter has stated that blocking the custom SNMP trap port of 1118/udp will help mitigate the risks.

Restrict Access

As a general good security practice, only allow connections from trusted hosts and networks. Restricting access (e.g., using IP filtering and MAC address filtering) would prevent an attacker from accessing an SNMP interface using the affected credentials from a blocked network location.

Disable SNMP protocol

Samsung is advising end users to disable SNMPv1 and SNMPv2, or to use the secure SNMPv3 mode, until the firmware updates are released.
*Note that the vulnerability reporter has stated that the community string remains active even when SNMP is disabled in the printer management utility.

Vendor Information

Vendor                           Status    Date Notified  Date Updated
Dell Computer Corporation, Inc.  Affected  23 Aug 2012    07 Dec 2012
Samsung                          Affected  23 Aug 2012    29 Nov 2012

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group          Score  Vector
Base           9.0    AV:N/AC:M/Au:N/C:C/I:C/A:P
Temporal       6.5    E:U/RL:W/RC:UC
Environmental  1.9    CDP:LM/TD:L/CR:ND/IR:ND/AR:ND

References

http://del.ly/PrinterSNMPFix

Credit

Thanks to Neil Smith for reporting this vulnerability.

This document was written by Katie Steiner.

Other Information

CVE IDs:
CVE-2012-4964

Date Public:
26 Nov 2012

Date First Published:
26 Nov 2012

Date Last Updated:
07 Dec 2012

Document Revision:
49

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

VU#558132: Dell OpenManage Server Administrator contains a cross-site scripting vulnerability

Vulnerability Note VU#558132
Dell OpenManage Server Administrator contains a cross-site scripting vulnerability

Original Release date: 14 Nov 2012 | Last revised: 14 Nov 2012

Overview

Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability.

Description

Dell OpenManage Server Administrator version 7.1 and earlier contains a cross-site scripting vulnerability (CWE-79).

Impact

A remote attacker may be able to execute arbitrary script in the context of the end-user’s browser session.

Solution

Apply an Update

Users should download the appropriate patch for the version of OpenManage they have installed.

OpenManage Server Administrator Managed Node Patch for OM7.1 (Version 7.1.0.1)
OpenManage Server Administrator Managed Node Patch for OM7.0 (Version 7.0.0.1)
OpenManage Server Administrator Managed Node Patch for OM6.5 (Version 6.5.0.1)

Restrict Access

The Dell OpenManage Server Administrator interface should not be Internet facing.

Vendor Information

Vendor                           Status    Date Notified  Date Updated
Dell Computer Corporation, Inc.  Affected  -              14 Nov 2012

If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group          Score  Vector
Base           5.0    AV:N/AC:L/Au:N/C:N/I:P/A:N
Temporal       3.9    E:POC/RL:OF/RC:C
Environmental  2.9    CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

http://cwe.mitre.org/data/definitions/79.html
http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=5JDN0&osCode=WNET&fileId=3082293694
http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=PCXMR&osCode=WNET&fileId=3082295344
http://www.dell.com/support/drivers/us/en/19/DriverDetails/Product/poweredge-r710?driverId=JJMWP&osCode=WNET&fileId=3082295338

Credit

Thanks to David Ferrest and Dell for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

CVE IDs:
CVE-2012-4955

Date Public:
31 Oct 2012

Date First Published:
14 Nov 2012

Date Last Updated:
14 Nov 2012

Document Revision:
10

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

VU#404051: Dell SonicWALL Scrutinizer SQL injection vulnerability

Vulnerability Note VU#404051
Dell SonicWALL Scrutinizer SQL injection vulnerability

Original Release date: 25 Jul 2012 | Last revised: 25 Jul 2012

Overview

Dell SonicWALL Scrutinizer 9.5.0 and older versions contain a SQL injection vulnerability.

Description

VU#913483: Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries web interface and preconfigured password vulnerabilities

Vulnerability Note VU#913483
Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries web interface and preconfigured password vulnerabilities

Original Release date: 19 Mar 2012 | Last revised: 13 Apr 2012

Overview

Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Del…