Full Disclosure mailing list archives
Caucho Resin 2.x - Cross Site Scripting
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Sun, 19 Oct 2003 16:07:03 +0530
----------------------------------------------------------------- - EXPL-A-2003-026 exploitlabs.com Advisory 026 - ----------------------------------------------------------------- -= Caucho Resin =- Donnie Werner Oct 18, 2003 Vunerability(s): ---------------- 1. XSS note: this is not http://www.securiteam.com/securitynews/5KP0O1F7FM.html http://www.securitytracker.com/alerts/2002/Jun/1004552.html Product: -------- Caucho Resin Httpd 2.x Reviews: -------- http://www.caucho.com/sales/customers.xtp Description of product: ----------------------- "ResinĀ® is a cutting-edge XML Application Server. It serves the fastest servlets and JSP." VUNERABILITY / EXPLOIT ====================== default port 8080 ( others used ) affected scripts: env.jsp form.jsp session.jsp tictactoe.jsp http://[host]:8080/examples/tictactoe/tictactoe.jsp?move=<iframe%20src="http://attcker/evil.cgi"></iframe>4 or <SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie);</SCR IPT> the above is only an example, all cookie and session stealing Cross Site Scripting was possible. guestbook.jsp allows persistant XSS enter evil javascript in "name" and "comment" fields it is then re-rendered upon revisit Local: ------ nay Remote: ------- yeh Vendor Fix: ----------- Versions 3.x dont have the examples included Vendor Contact: --------------- bugs () caucho com Concurrent with this advisory Credits: -------- Donnie Werner CTO E2 Labs http://e2-labs.cpm morning_wood () e2-labs com http://nothackers.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Caucho Resin 2.x - Cross Site Scripting morning_wood (Oct 19)
- Re: Caucho Resin 2.x - Cross Site Scripting jelmer (Oct 19)
- Re: Caucho Resin 2.x - Cross Site Scripting Gregory Steuck (Oct 20)
- Re: Caucho Resin 2.x - Cross Site Scripting jelmer (Oct 20)
- Re: Caucho Resin 2.x - Cross Site Scripting Gregory Steuck (Oct 20)
- Re: Caucho Resin 2.x - Cross Site Scripting jelmer (Oct 19)