| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 Oct 2003 00:05:01 +0400 From: "nimber" <nimber@...l.ru> To: bugtraq@...urityfocus.com Subject: JS/HTML code injection in File-Sharing for NET v1.5 and Forums Web Server v1.5 +-----------------------------+ Advisories: JS/HTML code injection in File-Sharing for NET v1.5 and Forums Web Server v1.5 Author: nimber [nimber@...l.ru] Date: 10/06/2003 +-----------------------------+ Vendor: http://www.minihttpserver.net Version: 1.5 (and older versions?) Shareware :) Mini-description [for File-Sharing for NET v1.5]: "File Sharing for net is a complete, secure web server that shares your business documents and files over the web: remote users only need browsers to view your files. Share, transfer files securely with colleagues." Mini-description [for Forums Web Server v1.5]: "WebForums Server allows you to setup a bulletin board and photo/file exchange web service. It offers a built in HTTP engine, internal database engine, integrated HTML/Script pages, user management interface, message board engine and a secure file Upload/Download option. It is without a doubt the easiest and complet all in one Forum Server software you have seen." [The information from a site www.minihttpserver.net] +-----------------------------+ Problem: These two products, from one vendors, use the similar built - in forum (BBS). I think, that Forums Web Server v1.5 is the easy version of the program File-Sharing for NET. I have found vulnerability in the built - in forum of both programs. In the program File-Sharing for NET v1.5, at addition of the new message there is no filtration entered given in fields "Subject:" and "Your message:". It enables inserts any JS/HTML of a code. For example: <script> alert (document.cookie); </script> In the program Forums Web Server v1.5, there is no filtration only in a field "Subject:", in a field "Your message:" the symbol < is replaced on "<". +-----------------------------+ For contacts: nimber icq: 132614 e-mail: nimber@...l.ru Home Page: nimber.plux.ru Greets: ZeT,euronymous,JLx and all my friends. Hi to teams: zud team, void.ru, RusH Team, m00 security, eXploit.ru,LWTeam, F0K Project,Free-Crew. p.s> Sorry for my bad english ;) (0_o(0_o)0_o)
Powered by blists - more mailing lists