
IBM patches twin cross-site scripting vulnerabilities in Hadoop


January 30, 2017

IBM said today it has patched twin cross-site scripting (XSS) security vulnerabilities in its Hadoop-based InfoSphere BigInsights platform.

The security patches, released late last week, close two bugs (CVE-2016-2924 and CVE-2016-2992) that could compromise users of the big data analytics software.

Fortinet researcher Honggang Ren reported the bugs to IBM last year and supplied proof-of-concept demonstrations showing how to reproduce the vulnerabilities on unpatched BigInsights installations.

The flaws allow a guest user to obtain full administrator rights by stealing an administrator's credentials and session data, and then to execute further malicious code through stored XSS.

"The data that the user ‘guest’ inputs into the ‘name’ field is stored on the server," Ren says of the stored XSS bug.

"When the admin views the alert list, the value of the relevant alert type is retrieved from the stored data on the server. Its label field value isn't correctly checked and special characters are not escaped so that the generated web page contains the malicious code," he asserted.

Next, "the injected code is permanently stored on the vulnerable server so when a victim navigates to the affected web page in a browser, the injected XSS code will be served as part of the web page," he added.

The vulnerability is notably dangerous in that it does not require victims to be phished into clicking XSS links. With stored XSS, an attacker's malicious code already sits in the application's storage and is served back as part of the web page, executing in a victim's browser with the application's permissions. Nasty? Yes.
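The root cause Ren describes, a stored label rendered into a page without escaping, is easier to see side by side with the fix. The following is an added illustration, not IBM's or Fortinet's code: the alert records, field names and markup are constructed for the example and do not reproduce BigInsights' actual templates. It renders the same stored records once verbatim and once through an HTML-escaping function, and includes a simple defender-side check that reports whether raw markup from a stored value survived into the generated page.

```javascript
// Added example (not IBM's or Fortinet's code): rendering a stored field
// verbatim versus HTML-escaping it at the point it is placed into the page.
// Alert records, field names and markup are constructed for illustration.

// Minimal HTML entity escaping for text placed inside an element body or a
// double-quoted attribute. Covers the five characters that can open or close
// markup and attribute values.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable rendering: the stored label is concatenated into the page
// unchanged, so any markup inside it becomes part of the page the admin loads.
function renderAlertListVulnerable(alerts) {
  return '<ul>' +
    alerts.map(a => `<li data-id="${a.id}">${a.label}</li>`).join('') +
    '</ul>';
}

// Hardened rendering: every stored value is escaped where it enters HTML,
// regardless of which user originally submitted it.
function renderAlertListSafe(alerts) {
  return '<ul>' +
    alerts.map(a => `<li data-id="${escapeHtml(a.id)}">${escapeHtml(a.label)}</li>`).join('') +
    '</ul>';
}

// Defender-side check: given the stored records and the rendered page, report
// whether a label containing '<' or '>' appears in the output unescaped.
function containsUnescapedInput(alerts, html) {
  return alerts.some(a => /[<>]/.test(a.label) && html.includes(a.label));
}

// Constructed sample data standing in for alert records saved by a
// low-privileged account; the second label carries markup.
const SAMPLE_ALERTS = [
  { id: 1, label: 'disk usage above 90%' },
  { id: 2, label: '<script>document.title="x"</script>' },
];

const vulnerableHtml = renderAlertListVulnerable(SAMPLE_ALERTS);
const safeHtml = renderAlertListSafe(SAMPLE_ALERTS);
console.log('verbatim render carries stored markup:',
  containsUnescapedInput(SAMPLE_ALERTS, vulnerableHtml)); // true
console.log('escaped render carries stored markup:',
  containsUnescapedInput(SAMPLE_ALERTS, safeHtml)); // false
```

The escaping must happen in the output layer, not only on input: stored data may have entered through an older code path, an import, or an API that applied different rules, and escaping at render time protects every page that reads the field.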

It can also allow attackers to hijack a victim's browser, steal application data, run internal port scans and deliver browser-based exploits, among other mischief.

Ren also urged all users of the platform to immediately upgrade to the patched version. We'll keep you posted on these and other developments.

Source: Fortinet Security LLC.
