Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability

Type

Information Leakage

Release Date

February 17, 2003

Product / Vendor

NetCharts XBRL Server 4.0 is a data visualization service that generates charts and graphs, tables, and reports. It can be used alone or in conjunction with any web infrastructure from the simplest CGI scripts to the most sophisticated Enterprise Application Server.

Any data source—
- Oracle
- Sybase
- Any JDBC
- Any ODBC: Excel, Access, SQL Server
- Legacy systems
- XBRL
- XML
- …and others

Anyhow, anywhere—
- TIFF, BMP, JPEG
- Java Applets
- Flash, PDF, HTML pages
- J2EE
- COM / ASP / .NET
- Cold Fusion
- …and more

http://www.visualmining.com

Summary

A client may connect to the target machine and deliver several requests with an invalid chunked-encoded body.

The potential for information leakage is great, but the risk is mitigated somewhat by the unpredictability of the query-response desynchronisation. Depending on the target site, this may be somewhat exploitable by a malicious user to redirect other users to a specific response by saturating the communication channels with a desired response.

==================== SNIP ====================

GET /index.jsp HTTP/1.1
Host: victim.com
Transfer-Encoding: Chunked

53636f7474

==================== SNIP ====================
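As an added example (not part of the advisory and not the vendor's code), a strict validator for chunked bodies of the kind a server or reverse proxy should apply before treating a request as complete; fed the advisory's body line it rejects the request rather than guessing at a framing, which is what keeps request and response in step on a keep-alive connection. The per-chunk size limit and the refusal of trailer fields are assumptions made for this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Added example, not part of the advisory; limits are assumptions for illustration.
MAX_CHUNK_SIZE = 1 << 20  # assumed per-chunk limit: 1 MiB
CHUNK_SIZE_RE = re.compile(rb"[0-9A-Fa-f]{1,16}")  # strict hex: no sign, space or underscore

@dataclass
class ChunkedResult:
    ok: bool
    body: bytes = b""
    error: Optional[str] = None  # why the body was rejected, if it was

def parse_chunked(raw: bytes) -> ChunkedResult:
    """Decode a chunked body (RFC 7230 s4.1), rejecting anything not well formed.
    A parser that guesses at a malformed chunk line instead of rejecting it is
    what lets request/response framing fall out of step on a keep-alive connection."""
    out = bytearray()
    pos = 0
    while True:
        eol = raw.find(b"\r\n", pos)
        if eol < 0:
            return ChunkedResult(False, bytes(out), "truncated: missing CRLF after chunk-size")
        size_tok = raw[pos:eol].split(b";", 1)[0].strip()  # drop any chunk-ext
        if not CHUNK_SIZE_RE.fullmatch(size_tok):
            return ChunkedResult(False, bytes(out), f"malformed chunk-size {size_tok!r}")
        size = int(size_tok, 16)
        if size > MAX_CHUNK_SIZE:
            return ChunkedResult(False, bytes(out), f"chunk-size 0x{size:x} exceeds limit")
        pos = eol + 2
        if size == 0:
            # last-chunk: require the terminating empty line and nothing after it
            # (trailer fields are deliberately not accepted in this example)
            if raw[pos:] != b"\r\n":
                return ChunkedResult(False, bytes(out), "bad or missing terminator after last-chunk")
            return ChunkedResult(True, bytes(out))
        data = raw[pos:pos + size]
        if len(data) < size:
            return ChunkedResult(False, bytes(out), f"truncated: chunk declares {size} bytes, {len(data)} present")
        if raw[pos + size:pos + size + 2] != b"\r\n":
            return ChunkedResult(False, bytes(out), "missing CRLF after chunk-data")
        out += data
        pos += size + 2

# Constructed samples: the advisory's body line (with its CRLF) and a well-formed
# body carrying the same five bytes (0x53636f7474 is ASCII "Scott").
ADVISORY_BODY = b"53636f7474\r\n"
WELL_FORMED_BODY = b"5\r\nScott\r\n0\r\n\r\n"
```

The advisory's line is rejected because a ten-digit hex chunk-size far exceeds any sane per-chunk limit and no chunk data or last-chunk follows it; a lenient parser that accepted it would leave the connection's framing undefined.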

Related

Recently disclosed advisory:
http://online.securityfocus.com/bid/6320

Tested

Netcharts XBRL Server v4.0.0 for Windows 2000

Vulnerable

Netcharts XBRL Server v4.0.0 for Windows 2000

Disclaimer

http://www.securityoffice.net is not responsible for the misuse or illegal use of any of the information and/or the software listed on this security advisory.

Author

Tamer Sahin
ts(at)securityoffice.net
http://www.securityoffice.net