Splunk 4.x < 4.1.3 404 Response XSS

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

A web application on the remote host has a cross-site scripting
vulnerability.

Description :

The version of Splunk Web hosted on the remote web server fails to
sanitize the contents of the HTTP 'Referer' header before using it in
HTTP error 404 messages, and hence is affected by a cross-site scripting
vulnerability.

An unauthenticated, remote attacker may be able to leverage this issue
to inject arbitrary HTML or script code into a user's browser to be
executed within the security context of the affected site.

Note that exploitation is only confirmed as valid in Internet Explorer
as Firefox escapes the special characters '<' and '>' when rendering the
link.

See also :

http://www.splunk.com/view/SP-CAAAFHY
http://www.splunk.com/base/Documentation/4.1.3/ReleaseNotes/4.1.3

Solution :

Upgrade to Splunk 4.1.3.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)

Family: CGI abuses : XSS

Nessus Plugin ID: 47620 ()

Bugtraq ID:

CVE ID: CVE-2010-2429