From: BrainRawt . (brainrawthotmail.com)
Date: Tue Apr 30 2002 - 16:45:25 CDT


      ___________ ____________ ____ __ ___ ______________
    |\ ____ \ |\ ____ \ |\ \|\ \|\ \ |\_____ ____\
    | \ \__|\ \ | \ \__|\ \ | \ \ \ \ \ \ | | |\ \ |
    \ \ ___ | \ \ ____ \ \ \ \_| \_| \ \|___| \ \__|
      \ \ \_|\ \_ \ \ \__|\ \ \ \ _ \ \ \ \
       \ \ \\ \ \ \ \ \ \ \ \ \ \ |\ http://rawt.daemon.sh
        \ \___\\ \___\ \ \___\ \ \___\ \ \____| \_____\ \ \___\
         \ | | \ | | \ | | \ | | \ | |\ | | \ | |
          \|___| \|___| \|___| \|___| \|___| \|____| \|___|

    Levcgi.com's MyGuestbook JavaScript Injection Vulnerability
    Discovered By BrainRawt (brainrawthotmail.com)

    About MyGuestbook:
    ------------------
    Highly customizable guestbook that was released on Feb. 20, 2002, and
    can be downloaded at http://www.levcgi.com/programs.cgi?program=myguestbook

    According to the website, ...myGuestbook has been downloaded 1298 times!

    Vulnerable (tested) Versions:
    --------------------
    MyGuestbook v 1.0

    Vendor Contact:
    ----------------
    4-28-02 - Emailed levtaintedthoughts.com

    4-30-02 - No reply from the author, and I have decided not to wait since I
               never got a reply about another concern I had several months ago
               involving one of his cgi scripts.

    Vulnerability:
    ----------------
    myguestbook improperly filters input to the guestbook, making the guestbook
    prone to cross-site scripting attacks by malicious visitors to the site.
    This could be a medium to high concern when mixed with a website that uses
    cookies.

    Exploit (POC):
    ----------------
    Sign up and post using the "name"
    <script>alert('evil+java+script+here')</script>

    or

    When posting comments just insert the
    <script>alert('evil+java+script+here')</script>
    to the comments field.

    --------------------------------------------------------------------------
    Knowledge is Power! How Powerful are you? - BrainRawt
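
Added example, not part of the original advisory and not MyGuestbook's own code: a sketch of the fix on the output side, HTML-encoding the "name" and "comments" fields when an entry is rendered, plus a check that flags stored entries already holding markup. The function names, the entry layout and the surrounding HTML are assumptions made for illustration, written in Python; the sample entries are constructed and reuse the PoC string above.

```python
import html
import re

# Constructed sample entries; two of them reuse the advisory's PoC string.
POC = "<script>alert('evil+java+script+here')</script>"
ENTRIES = [
    {"name": "Alice", "comments": "Nice site & great photos"},
    {"name": POC, "comments": "hello"},
    {"name": "Bob", "comments": "first line\n" + POC},
]

# A "<" followed by a letter, "/" or "!" starts a tag in HTML.
TAG_START = re.compile(r"<\s*/?\s*[a-zA-Z!]")


def render_entry(entry):
    """Render one entry, HTML-encoding every visitor-supplied field on output."""
    name = html.escape(entry["name"], quote=True)
    # Encode first, then convert newlines, so the only markup is our own.
    comments = html.escape(entry["comments"], quote=True).replace("\n", "<br>")
    return f'<div class="entry"><b>{name}</b><p>{comments}</p></div>'


def audit_entries(entries):
    """Return (index, field) pairs whose stored value contains a tag start."""
    return [
        (i, field)
        for i, entry in enumerate(entries)
        for field in ("name", "comments")
        if TAG_START.search(entry[field])
    ]


if __name__ == "__main__":
    for e in ENTRIES:
        print(render_entry(e))
    print("entries holding markup:", audit_entries(ENTRIES))
```

Encoding at render time covers entries that were stored before any input filter existed; the audit only points an administrator at entries worth reviewing.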
