[VulnWatch] OmniHTTPd test.php Cross-Site Scripting Issue

From: Matthew Murphy (mattmurphyat_private)
Date: Sun Aug 25 2002 - 08:48:39 PDT

Next message: Matthew Murphy: "[VulnWatch] OmniHTTPd test.shtml Cross-Site Scripting Issue"

Previous message: Matthew Murphy: "[Full-Disclosure] OmniHTTPd test.php Cross-Site Scripting Issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A vulnerability exists in the test.php script of OmniHTTPd.  The script
makes a classic coding error -- trusting unsanitized user input.  The query
string and cookie values are returned unfiltered.  Of most concern, of
course, is the query string:

http://localhost/test.php?%3CSCRIPT%3Ealert%28document.URL%29%3C%2FSCRIPT%3E
=x

The impact of this vulnerability will vary by site.  A production site would
most likely *not* have the sample scripts installed, but it would be wise to
check.

"The reason the mainstream is thought
of as a stream is because it is
so shallow."
                     - Author Unknown

Next message: Matthew Murphy: "[VulnWatch] OmniHTTPd test.shtml Cross-Site Scripting Issue"
Previous message: Matthew Murphy: "[Full-Disclosure] OmniHTTPd test.php Cross-Site Scripting Issue"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Aug 25 2002 - 12:17:36 PDT