Re: XSS vulnerability on Apache Tomcat server

From: Anthony LaMantia (contact@bia-security.com)
Date: 12/04/99

Previous message: Benninghoff, John: "RE: Apache Chunked Encoding Vulnerability on AIX (RS6000)"
In reply to: Erwin van der Zwan: "XSS vulnerability on Apache Tomcat server"
Next in thread: Muhammad Faisal Rauf Danka: "Re: XSS vulnerability on Apache Tomcat server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Anthony LaMantia <contact@bia-security.com>
To: Erwin van der Zwan <erwin.zwan-van-der@siemens.nl>
Date: 04 Dec 1999 10:24:48 -0800

there is an article on packetstorm at this
link:http://packetstorm.decepticons.org/papers/web/xss-faq.txt

It provides some information on exploiting cross site scripting issues
on systems that use cookie based authentication, this may or may not
apply to your situation

good luck with the rest of the test

Anthony LaMantia
http://www.bia-security.com

On Mon, 2002-08-12 at 23:59, Erwin van der Zwan wrote:
>
>
> I am currently pen-testing an Apache Tomcat v4.0.3 web server running on a
> Windows 2000 box. The server just provides access to an LDAP database
> through a search query. The box is connected directly to the Internet and
> seems to be protected by McAfee/PGP personal firewall/IDS which blocks the
> IP address for 30 minutes or so. TCP ports 21, 80, 389, 1002 and 1720
> seems to be open, the rest is filtered/blocked. The server is running
> tomcat_server/servlet/JNDISearch Java LDAP search code.
>
> It seems to be vulnerable for XSS and path disclosure vulnerabilities. I
> got the path (D:\Tomcat\webapps) but any ideas on how to exploit the XSS
> vulnerability or advance with the test?
>
> Ideas?
>
> EvdZ
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>
>

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Previous message: Benninghoff, John: "RE: Apache Chunked Encoding Vulnerability on AIX (RS6000)"
In reply to: Erwin van der Zwan: "XSS vulnerability on Apache Tomcat server"
Next in thread: Muhammad Faisal Rauf Danka: "Re: XSS vulnerability on Apache Tomcat server"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

AW: SQL Vulnerabilty Assesment
... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... automatically alerts you to the latest security vulnerabilities please see: ...
(Pen-Test)
Re: Cross Site Scripting Vulnerabilities - XSS
... Cross Site Scripting Vulnerabilities - XSS ... >>> This list is provided by the SecurityFocus Security Intelligence ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)
Re:One Big Review, One Small Script?
... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... >automatically alerts you to the latest security vulnerabilities please see: ...
(Pen-Test)
Re: MDAC/ IIS / Shell Code Goodies
... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... automatically alerts you to the latest security vulnerabilities please see: ...
(Pen-Test)
Re: faster scans? (nmap)
... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
(Pen-Test)