------------------------------------------ FSN-2003-001 Frame4 Security Notice ------------------------------------------ 05/20/2003 Donnie Werner morning_woodat_private http://frame4.com Product:: Verity/Search'97 ObjectStoreSearch This is a different issue than posted at: http://www.kb.cert.org/vuls/id/636431 and http://archives.neohapsis.com/archives/bugtraq/1998_3/0143.html Sites affected: ( sample ) http://wwws.house.gov http://www.timex.com Exploit / Fault: type into search box... <""> press go, view results... -------------- copy-n-paste ------------------------- Formatter Cannot open template file serror.hts Component Component (vformat) failed in processing request, -2002 Action Action (ErrorReport) failed while processing request in component (vformat), -2002 Service Manager Action (FilterSearch) failed in processing request, -2002 S97IS Service manager failed to process request ---------------------------- end --------------------------------- Vendor Contact: Concurent to this Advisory tech-supportat_private ---------------------------------------------------------------- Donnie Werner - Exploit Research morning_woodat_private http://frame4.com --------------------------------------------------------------- se_cur_ityat_private http://exploit.wox.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Wed May 21 2003 - 07:39:10 PDT