Resin Application Server 4.0.36 Source Code Disclosure

Resin Application Server 4.0.36 Source Code Disclosure Vulnerability

Vendor: Caucho Technology, Inc.
Product web page: http://www.caucho.com
Affected version: Resin Professional Web And Application Server 4.0.36

Summary: Resin is the Java Application Server for high traffic
sites that require speed and scalability. It is one of the earliest
Java Application Servers, and has stood the test of time due to
engineering prowess.

Desc: The vulnerability is caused due to improper sanitization
of the 'file' parameter when used for reading help files. An
attacker can exploit this vulnerability by directly requesting
a '.jsp' file, for example in the root directory of the server,
to view its source code, which might reveal sensitive information.

Tested on: Resin Professional 4.0.36 (built Fri, 26 Apr 2013 03:33:09 PDT)
           Java HotSpot(TM) 64-Bit Server VM 23.3-b01
           4 cpu, Windows 7 amd64 6.1

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience

Advisory ID: ZSL-2013-5144
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5144.php

01.06.2013

--

http://127.0.0.1:8080/resin-doc/viewfile/?file=index.jsp
http://127.0.0.1:8080/resin-doc/viewfile/?contextpath=/.\../&servletpath=&file=index.jsp
http://127.0.0.1:8080/resin-doc/viewfile/?contextpath=/.&servletpath=&file=index.jsp
 
 
Resin Application Server 4.0.36 Cross-Site Scripting Vulnerabilities

Vendor: Caucho Technology, Inc.
Product web page: http://www.caucho.com
Affected version: Resin Professional Web And Application Server 4.0.36

Summary: Resin is the Java Application Server for high traffic
sites that require speed and scalability. It is one of the earliest
Java Application Servers, and has stood the test of time due to
engineering prowess.

Desc: Resin Application and Web Server suffers from an XSS issue
due to a failure to properly sanitize user-supplied input to
the 'logout' GET parameter in the 'index.php' script. A URI-based
XSS issue is also present, and both vulnerabilities can be triggered
once the user/admin is logged in (post-auth). Attackers can exploit
this weakness to execute arbitrary HTML and script code in a user's
browser session.

Tested on: Resin Professional 4.0.36 (built Fri, 26 Apr 2013 03:33:09 PDT)
           Java HotSpot(TM) 64-Bit Server VM 23.3-b01
           4 cpu, Windows 7 amd64 6.1

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience

Advisory ID: ZSL-2013-5143
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5143.php

01.06.2013

--

http://127.0.0.1:8080/resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E
http://127.0.0.1:8080/resin-admin\?%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E
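As an added example (not part of either advisory, nor Caucho's code), the following Python scan runs over constructed access-log lines and flags requests shaped like the two issues above: the help-file viewer asked for a '.jsp' or handed a contextpath/servletpath that is not in canonical form (ZSL-2013-5144), and markup characters in the admin console query string (ZSL-2013-5143). The combined log format, the sample lines and the 'tutorial.xtp' help-file name are assumptions.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample lines in combined log format (assumed), not from a real server.
SAMPLE_LOG = """\
127.0.0.1 - - [01/Jun/2013:10:00:01 +0200] "GET /resin-doc/viewfile/?file=index.jsp HTTP/1.1" 200 1532
127.0.0.1 - - [01/Jun/2013:10:00:02 +0200] "GET /resin-doc/viewfile/?contextpath=/.\\../&servletpath=&file=index.jsp HTTP/1.1" 200 1532
127.0.0.1 - - [01/Jun/2013:10:00:03 +0200] "GET /resin-doc/viewfile/?file=examples/tutorial.xtp HTTP/1.1" 200 800
127.0.0.1 - - [01/Jun/2013:10:00:04 +0200] "GET /resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E HTTP/1.1" 200 2048
127.0.0.1 - - [01/Jun/2013:10:00:05 +0200] "GET /resin-admin/?q=index.php&logout=true HTTP/1.1" 302 0
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
# Help files served by /resin-doc/viewfile are documentation; a .jsp is application source.
SOURCE_EXTS = (".jsp",)


def is_canonical(path: str) -> bool:
    """True when a contextpath/servletpath value is already in normal form.
    '/.\\../' and '/.' both change under normalisation; '' and '/resin-doc/' do not."""
    if not path:
        return True
    unified = path.replace("\\", "/").rstrip("/") or "/"
    return unified == posixpath.normpath(unified)


def classify_request(target: str):
    """Return the advisory id a single request target matches, or None."""
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)

    def first(key: str) -> str:
        return params.get(key, [""])[0]

    if parts.path.startswith("/resin-doc/viewfile"):
        # ZSL-2013-5144: viewer asked for source, or for a path shaped to leave the doc tree.
        if first("file").lower().endswith(SOURCE_EXTS):
            return "ZSL-2013-5144"
        if not (is_canonical(first("contextpath")) and is_canonical(first("servletpath"))):
            return "ZSL-2013-5144"
    if parts.path.replace("\\", "/").startswith("/resin-admin"):
        # ZSL-2013-5143: HTML markup characters anywhere in the decoded query string.
        if any(ch in unquote(parts.query) for ch in '<>"'):
            return "ZSL-2013-5143"
    return None


def scan(log_text: str):
    """Return (advisory_id, request_target) for every suspicious log line."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        rule = classify_request(match.group(1)) if match else None
        if rule:
            hits.append((rule, match.group(1)))
    return hits


if __name__ == "__main__":
    for rule, target in scan(SAMPLE_LOG):
        print(rule, target)
```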
Desc: Resin Application and Web Server The plugin suffers from a XSSissue due to a failure to properly sanitize user-supplied input tothe 'logout' GET parameter in the 'index.php' script. URI-based XSSissue is also present and both of the vulnerabilities can be triggeredonce the user/admin is logged in (post-auth). Attackers can exploitthis weakness to execute arbitrary HTML and script code in a user'sbrowser session.Tested on: Resin Professional 4.0.36 (built Fri, 26 Apr 2013 03:33:09 PDT)           Java HotSpot(TM) 64-Bit Server VM 23.3-b01           4 cpu, Windows 7 amd64 6.1Vulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2013-5143Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5143.php01.06.2013--http://127.0.0.1:8080/resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3Ehttp://127.0.0.1:8080/resin-admin\?%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E