[UNIX] ProBoards Forums Contains a XXS Vulnerability

From: support@securiteam.com
Date: 12/22/02

  • Next message: support@securiteam.com: "[UNIX] Security Problems Found with mkstemp()" 
    From: support@securiteam.com
To: list@securiteam.com
Date: 22 Dec 2002 12:31:11 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    Beyond Security would like to welcome Tiscali World Online
    to our service provider team.
    For more info on their service offering IP-Secure,
    please visit http://www.worldonline.co.za/services/work_ip.asp
    - - - - - - - - -

      ProBoards Forums Contains a XXS Vulnerability
    ------------------------------------------------------------------------

    SUMMARY

     <http://proboards.com> ProBoards is a popular online message board
    service. An XSS vulnerability allowed users to inject JavaScript into an
    [img] tag before it was fixed on November the 28th.

    DETAILS

    Example:
    If you posted this:

    [img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img]

    A user viewing the post would see a popup message containing his cookie.

    Vendor status:
    Vendor was notified and the vulnerability was fixed almost immediately.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:dchia1010@yahoo.com> Danny
    Chia.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

    Relevant Pages

    • [UNIX] Sun AnswerBook2 Gettransbitmap Buffer Overflow Vulnerability
      ... there are no vendor patches available. ... Otherwise, disable AnswerBook2. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)
    • [NT] Macromedia Sitespring Cross-Site Scripting
      ... The vendor was notified on 16 April 2002. ... Replace the error script with a custom error page. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)
    • [UNIX] IcrediBB Contains a Cross Site Scripting Vulnerability
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Vendor has been notified of all issues discussed. ... This bulletin is sent to members of the SecuriTeam mailing list. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)
    • [UNIX] Integer overflow in PHP array_pad() function
      ... execute PHP commands to gain administrative privileges. ... Vendor was contacted. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)
    • [NT] Cerberus FTP Server Stores Password in the Clear
      ... Cerberus FTP Server ... Vendor has been informed, ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
      (Securiteam)