[UNIX] ftls.org Guestbook Script Injection Vulnerabilities

From: support@securiteam.com
Date: 01/29/03

  • Next message: support@securiteam.com: "[EXPL] MSSQL2000 Remote UDP Exploit" 
    From: support@securiteam.com
To: list@securiteam.com
Date: 29 Jan 2003 10:45:29 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    Beyond Security would like to welcome Tiscali World Online
    to our service provider team.
    For more info on their service offering IP-Secure,
    please visit http://www.worldonline.co.za/services/work_ip.asp
    - - - - - - - - -

      ftls.org Guestbook Script Injection Vulnerabilities
    ------------------------------------------------------------------------

    SUMMARY

    The guestbook example of
    <http://www.ftls.org/en/examples/cgi/Guestbook.shtml#s1.> FTLS has been
    found to contain multiple script injection vulnerabilities (Cross site
    scripting vulnerabilities).

    DETAILS

    Vulnerable systems:
     * FTLS.org's GuestBook version 1.1

    The guestbook.cgi has been found to inproperly filter user input making
    the guestbook vulnerable to script injection.

    Example:
    When filling in ones name use:
    < script>alert('your_name_field_vuln_to_injection')</script>

    When filling in the Title use:
    < script>alert('title_field_vuln_to_injection')</script>

    When filling in the Comment use:
    < script>alert('comments_field_vuln')</script>

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:brainrawt@hotmail.com>
    BrainRawt ..

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

    Relevant Pages

    • ftls.org Guestbook 1.1 Script Injection
      ... ftls.org Guestbook 1.1 Script Injection Vulnerabilities ... When filling in ones name use: ...
      (Bugtraq)
    • [UNIX] Vulnerabilities in PGPMail.pl Lead to Remote Code Execution
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Two vulnerabilities exist that allow a remote attacker to execute ... The script passes user-supplied data directly to a shell: ... > # Don't pass the recipient to the $mailprog on the command line. ...
      (Securiteam)
    • [UNIX] XSS Vulnerabilities Found in XMB Forum
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Toronto-based Sunrays Technologies is now Beyond Security's representative in Canada. ... XMB Forum is "a free web-based bulletin board ... vulnerabilities have been found in the XMB Forum, ...
      (Securiteam)
    • TRACKtheCLICK Script Injection Vulnerabilities
      ... Scripts4webmasters.com TRACKtheCLICK Script Injection Vulnerabilities ... A perl coded CGI that tracks your email, ezine, banner, and web site ...
      (Bugtraq)
    • BroadVision command Injection
      ... script injection. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... automatically alerts you to the latest security vulnerabilities please see: ...
      (Pen-Test)