0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
JasperSoft JasperReports 4.7 Password Disclosure Vulnerability
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
[+] Credits: Joshua Platz aka Binary1985 [+] CVE ID: CVE-2017-14941 [+] Website: https://github.com/binary1985 [+] Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941 Vendor: ========================== https://www.jaspersoft.com/ Product: =========== JasperSoft JasperReports Version 4.7 JasperReports is an open source Java reporting tool that can write to a variety of targets, such as: screen, a printer, into PDF, HTML, Microsoft Excel, RTF, ODT, Comma-separated values or XML files. Vulnerability Type: ========================== Cleartext Password Storage Vulnerability Details: ===================== JasperReports stores Passwords unencrypted for maintaining the test connectivity function of its Data Source Connectors. These credentials are retrieved by the system when the editing a Data Source on /jasperserver-pro/flow.html, and rendered directly into the HTLM in cleartext. 1) Log into JasperReports application. Default superuser/superuser 2) Navigate an existing Data Source connector under View -> Repository 3) Select entry and click Edit 4) View the HTLM source code, extracting the database connection string, username, and password from the HTLM form. Key value name(html form ID's): database connection string, username, password(cleartext) Remediation Details: ===================== Apply security update issued in patch 4.1.2: ftp://ftp.multitech.com/faxfinder/ffx40/FFx40_version_update.txt 2017-09-14 - Issue Reported to Vendor 2016-09-14 - Vendor Awknowledged Report, Requested testing of latest version 2016-09-15 - Validate issue is remdiated in 6.4.0 Testing Comments: Vender properly loads a -substitute value- into password HTML form. It is unknown at which version this was corrected. 2016-09-29 - Public Disclsoure 2017-09-29 - CVE-2017-14941 Issued # 0day.today [2024-09-20] #