[NEWS] Hosting.com Cross-Site Scripting Vulnerability
From: support@securiteam.comDate: 12/18/01
- Previous message: support@securiteam.com: "[NT] NoHTML Built-in Outlook 2002 Feature Protects Against Malicious Code"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Tue, 18 Dec 2001 16:49:04 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Hosting.com Cross-Site Scripting Vulnerability
------------------------------------------------------------------------
SUMMARY
A security vulnerability in Hosting.com's web based email engine, allows
attackers to cause the program to insert HTML and JavaScript into user
displayed pages. This would allow an attacker to utilize a Cross Site
Scripting attack against the user.
DETAILS
Most variables passed to the webmail script used by hosting.com (formerly
CTSNet) can be used to execute scripts with local server context.
Exploit:
ADDITIONAL INFORMATION
The information has been provided by <mailto:rdnktrk@hotmail.com> E M.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
====================
DISCLAIMER:
(NOTE, the 'I' of SCRIPT has been replaced with an '!')
http://webmail.cts.com/webmail.cgi?_ID=
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
Relevant Pages
... the iis-kabom script and noted that it had 69 GET requests (many of which ... I also agree that the attackers have likely moved from scripted IIS-scan ... IBM Managed Security Services ...
(Incidents)
... helpful for managers interested in hiring new administrators. ... Would you go thru the 14,600 messages in root and admin ... If I was a new SA I would if encountering a security hole, ... I can see some use for the passwd -s part of the crontab script, ...
(SunManagers)
... snip.. ... Before I could manually download every security upate and servicepack from MS.com but now...they send you a bit of Cop-code that fails to run unless ALL defences are down ... Are you sure the script from ntsvcfg is benign in addition to being useful? ... You are absolutely correct there HAL, er ah, Sebastian. ...
(alt.computer.security)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The Windows Script Engine provides Windows operating systems with the ... blocked by Outlook Express 6.0 and Outlook 2002 in their default ...
(Securiteam)
... I consider JavaScript (known to security people as JavaVirus) as one of the Really Top ... to have a bad script cause damage to my machine. ... This security feature is called the "Local Machine Zone Lockdown". ... Tags, and the CDHtmlDialog class in this forum, and got no response. ...
(microsoft.public.vc.mfc)
