'printenv' XSS vulnerability
From: Dr.Tek (tek@superw00t.com)
Date: 12/22/02
Date: 22 Dec 2002 21:49:58 -0000
From: Dr.Tek <tek@superw00t.com>
To: bugtraq@securityfocus.com
***** This writing is part of Malloc() Hackers & Malloc() Security *****
http://www.mallochackers.com
http://www.superw00t.com
************************************************************************
Title: 'printenv' XSS vulnerability
~~~~~
Author: Dr.Tek of Malloc()
~~~~~~
Contact: "Dr.Tek" - (tek@superw00t.com)
~~~~~~~
No modification of the contents of this file should be made
without direct consent of the author or of Malloc() hackers or
Malloc() Security.
************************************************************************
'printenv' is a test CGI script that tends to come default with most
Apache installations. Usually located in the "/cgi-bin/" directory.
An XSS vulnerability exists which will allow anyone to input specially
crafted links and/or other malicious/obscene scripts.
Example exploitation:
http://www.w00tw00t.com/cgi-bin/printenv/<a href="bad">If you see this
error, Click here!</a>
Fix:
Since 'printenv' is just an example CGI script that has no real use and
has its own problems, just remove it.
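
An added illustration, not part of the original post and not Apache's own script: a Python stand-in for an environment-dumping CGI, showing values reflected verbatim into HTML beside the same dump with HTML escaping. The function names and the sample environment are constructed for this example; PATH_INFO carries the markup from the example URL.

```python
import html

# Constructed CGI environment. PATH_INFO is whatever follows the script name
# in the request path, so it is fully controlled by whoever builds the link.
SAMPLE_ENV = {
    "SERVER_SOFTWARE": "Apache",
    "REQUEST_METHOD": "GET",
    "SCRIPT_NAME": "/cgi-bin/printenv",
    "PATH_INFO": '/<a href="bad">If you see this error, Click here!</a>',
}


def render_unescaped(env):
    """Dump the environment as HTML, copying values verbatim.

    This is the reflected-XSS pattern: request-derived values reach the
    response body unchanged and the browser parses them as markup.
    """
    lines = ["Content-type: text/html", ""]
    for name, value in sorted(env.items()):
        lines.append(f'{name}="{value}"<br>')
    return "\n".join(lines)


def render_escaped(env):
    """Same dump, with every name and value HTML-escaped before output."""
    lines = ["Content-type: text/html; charset=utf-8", ""]
    for name, value in sorted(env.items()):
        safe_name = html.escape(name, quote=True)
        safe_value = html.escape(value, quote=True)
        lines.append(f'{safe_name}="{safe_value}"<br>')
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_unescaped(SAMPLE_ENV))
    print("-" * 40)
    print(render_escaped(SAMPLE_ENV))
```

The escaped version still discloses the server environment to any visitor, which is why removing the script remains the fix given above.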