BlueFace Falcon Web服务器出错消息跨站脚本漏洞

BlueFace Falcon Web服务器出错消息跨站脚本漏洞

漏洞ID 1106909 漏洞类型 跨站脚本
发布时间 2002-08-09 更新时间 2002-12-31
图片[1]-BlueFace Falcon Web服务器出错消息跨站脚本漏洞-安全小百科CVE编号 CVE-2002-2318
图片[2]-BlueFace Falcon Web服务器出错消息跨站脚本漏洞-安全小百科CNNVD-ID CNNVD-200212-092
漏洞平台 Windows CVSS评分 4.3
|漏洞来源
https://www.exploit-db.com/exploits/21698
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-092
|漏洞详情
Falconwebserver2.0.0.1009到2.0.0.1021版本存在跨站脚本(XSS)漏洞。远程攻击者借助URI注入任意web脚本或者HTML,该漏洞插入到301出错消息和被404出错消息执行。
|漏洞EXP
source: http://www.securityfocus.com/bid/5435/info

Falcon Webserver does not sufficiently sanitize HTML tags from error message output. In particular, attackers may inject HTML into 301 and 404 error pages. 

It is possible to create a malicious link to the server which will generate an error page with attacker-supplied HTML and script code when visited. Arbitrary HTML and script code will be executed by the web client of the user visiting the server, in the security context of the server.


* 301 Message XSS

Closing TITLE tag:
http://localhost/%3c/title%3e%3cscript%3ealert(%22xss%22)%3c/script%3e
Closing A HREF:
http://localhost/%22%3cscript%3ealert(%22xss%22)%3c/script%3e
Closing A tag:
http://localhost/%3c/a%3e%3cscript%3ealert(%22xss%22)%3c/script%3e

* 404 Message XSS

http://localhost/%3cscript%3ealert(%22xss%22)%3c/script%3e/

The 301 examples will simply add a slash and pass it on to the browser,
which then raises a 404, exploiting that vulnerability as well (although the
301 exploits will cause some useless HTML to be added on)
|参考资料

来源:BID
名称:5435
链接:http://www.securityfocus.com/bid/5435
来源:XF
名称:falcon-error-msg-xss(9812)
链接:http://www.iss.net/security_center/static/9812.php
来源:BUGTRAQ
名称:20020808Cross-SiteScriptingIssuesinFalconWebServer
链接:http://seclists.org/lists/bugtraq/2002/Aug/0158.html
来源:FULLDISC
名称:20020808Cross-SiteScriptingIssuesinFalconWebServer
链接:http://lists.grok.org.uk/pipermail/full-disclosure/2002-August/000934.html

相关推荐: Debian mailman Vulnerability

Debian mailman Vulnerability 漏洞ID 1104644 漏洞类型 Input Validation Error 发布时间 1999-06-22 更新时间 1999-06-22 CVE编号 N/A CNNVD-ID N/A 漏洞平台 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享