|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
From: Oliver Karow (Oliver.Karow
gmx.de)
Date: Tue Oct 28 2003 - 05:53:27 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
---------------------------------------------------------------
There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.
Requesting a non existing URL will give a "404 Not Found" answer,
containing the requested URL. It is not checked if the URL contains
script code.
Exploiting:
-----------
http://webserver/<script>alert("bang")</script>
Vendor:
-------
http://www.fastream.com/NETFileServer
Credit:
-------
Oliver.Karow[AT]gmx.de
www.oliverkarow.de
28.10.2003
--
NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien...
Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService
Jetzt kostenlos anmelden unter http://www.gmx.net
+++ GMX - die erste Adresse für Mail, Message, More! +++
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]