[UNIX] CGI-City's CCGuestBook Script Injection Vulnerabilities

From: support@securiteam.com
Date: 03/30/03

  • Next message: support@securiteam.com: "[NEWS] Bajie HTTP Server Cross-Site Scripting Vulnerability"
    From: support@securiteam.com
    To: list@securiteam.com
    Date: 30 Mar 2003 16:08:31 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    In the US?

    Contact Beyond Security at our new California office
    housewarming rates on automated network vulnerability
    scanning. We also welcome ISPs and other resellers!

    Please contact us at: 323-882-8286 or ussales@beyondsecurity.com
    - - - - - - - - -

      CGI-City's CCGuestBook Script Injection Vulnerabilities
    ------------------------------------------------------------------------

    SUMMARY

     <http://www.icthus.net/CGI-City/scr_cgicity.shtml#CCGUEST> CCGuestBook is
    a "simple guestbook program that is very easy to configure and install. It
    features a notification facility which sends an email alert to the
    guestbook owner whenever new entries are made. It may also be used as a
    post-it board to allow visitors to a web site to just post messages". The
    product has been found to contain a cross-site scripting vulnerability:
    a remote attacker posting a Guestbook entry can include malicious HTML or
    JavaScript in it, and the browser of every user who later views that
    Guestbook entry will execute the injected script.

    DETAILS

    cc_guestbook.pl neglects to filter user input, allowing script injection
    into the Guestbook via the "name" and "webpage title" values. Because the
    stored entry is written into the page unescaped, the injected script is
    executed in the browser of every visitor who views the guestbook.
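
    The following Perl fragment is an added illustration, not code from
    cc_guestbook.pl or from CGI-City: it shows the rendering pattern the
    advisory describes (guestbook fields interpolated into HTML as-is) next
    to the corrected form, where every field is HTML-escaped on output and
    the web page URL is validated before it is placed in an href. The field
    names (name, webpage_title, webpage_url, message) and the two sample
    entries are assumptions constructed for the example; the advisory does
    not show the script's own variable names.

```perl
#!/usr/bin/perl
# Added example, not the CCGuestBook script itself. Field names and the
# sample entries below are constructed for illustration.
use strict;
use warnings;

# Escape the five characters that change meaning inside HTML text and
# inside double- or single-quoted attribute values.
sub escape_html {
    my ($s) = @_;
    $s = '' unless defined $s;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    $s =~ s/'/&#39;/g;
    return $s;
}

# Accept only http(s) URLs for the visitor's web page link, so a value
# using another scheme cannot turn the link itself into executable script.
sub safe_url {
    my ($u) = @_;
    return '' unless defined $u && $u =~ m{\Ahttps?://[^\s"'<>]+\z}i;
    return escape_html($u);
}

# The vulnerable pattern: user-supplied fields written straight into the
# page, so markup in "name" or "webpage title" becomes part of the HTML.
sub render_entry_unsafe {
    my ($e) = @_;
    return "<p><b>$e->{name}</b> - "
         . "<a href=\"$e->{webpage_url}\">$e->{webpage_title}</a><br>"
         . "$e->{message}</p>\n";
}

# The corrected pattern: every field escaped on output, URL validated,
# and the link omitted entirely when the URL is not acceptable.
sub render_entry_safe {
    my ($e) = @_;
    my $link  = safe_url($e->{webpage_url});
    my $title = escape_html($e->{webpage_title});
    my $site  = $link ne '' ? "<a href=\"$link\">$title</a>" : $title;
    return '<p><b>' . escape_html($e->{name}) . '</b> - '
         . $site . '<br>'
         . escape_html($e->{message}) . "</p>\n";
}

# Constructed sample entries: an ordinary post, then a post whose "name"
# and "webpage title" fields carry markup, as described in the advisory.
my @entries = (
    { name          => 'Alice',
      webpage_title => "Alice's site",
      webpage_url   => 'http://www.example.com/',
      message       => 'Nice guestbook!' },
    { name          => '<script>alert(1)</script>',
      webpage_title => 'x" onmouseover="alert(1)',
      webpage_url   => 'javascript:alert(1)',
      message       => 'hello' },
);

print "--- unsafe rendering (script tag and event handler survive) ---\n";
print render_entry_unsafe($_) for @entries;
print "--- escaped rendering (markup shown as text, bad URL dropped) ---\n";
print render_entry_safe($_) for @entries;
```

    Running it prints both versions of each entry, so the second entry's
    `<script>` tag and `onmouseover=` attribute are visible as live markup
    in the first block and as inert `&lt;script&gt;` / `&quot;` text in the
    second. In a real script the same escaping should be applied to every
    stored field at output time, not only to the two fields named in the
    advisory; the core `CGI` module's `escapeHTML` or `HTML::Entities`'s
    `encode_entities` can replace the hand-written `escape_html` here.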

    Vendor status:
    1-30-03 The vendor was emailed (cgicity@icthus.net)

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:brainrawt@hotmail.com>
    BrainRawt.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

