Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

[SNS Advisory No.49] A Possibility of Internet Information Server/Services Cross Site Scripting
From: "snsadv () lac co jp" <snsadv () lac co jp>
Date: Thu, 11 Apr 2002 18:33:54 +0900
----------------------------------------------------------------------
SNS Advisory No.49
A Possibility of Internet Information Server/Services Cross Site Scripting

Problem first discovered: Fri, 11 Jan 2002
Published: Thu, 11 Apr 2002
----------------------------------------------------------------------

Overview:
---------
  Microsoft Internet Information Server/Services (IIS) is prone to a 
  potential Cross Site Scripting vulnerability. 

Details:
--------
  When a request is submitted to IIS, it returns a "302 Object Moved" 
  error message to the client without changing the metacharacters 
  contained in the request.  This occurs when the request contains the 
  following URI:  

  GET /existing directory name?"><script>alert("aaa"); </script>

Affected Versions:
------------------
  Microsoft Internet Information Server 4.0
  Microsoft Internet Information Services 5.0
  Microsoft Internet Information Services 5.1

Solution:
---------
  This vulnerability can be eliminated by applying the following patch 
  available at: 

  Microsoft Security Bulletin MS02-018:
  http://www.microsoft.com/technet/security/bulletin/ms02-018.asp

  Microsoft Security Bulletin MS02-018(Japanese version):
  http://www.microsoft.com/japan/technet/security/bulletin/MS02-018.asp

Discovered by:
--------------
  Keigo Yamazaki

Disclaimer:
-----------
  All information in these advisories are subject to change without any 
  advanced notices neither mutual consensus, and each of them is released 
  as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences 
  caused by applying those information. 

References:
-----------
  Archive of this advisory:
  http://www.lac.co.jp/security/english/snsadv_e/49_e.html

------------------------------------------------------------------
Secure Net Service(SNS) Security Advisory <snsadv () lac co jp>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/
-------------------------------------------------------------------

  By Date           By Thread  

Current thread:
  • [SNS Advisory No.49] A Possibility of Internet Information Server/Services Cross Site Scripting snsadv () lac co jp (Apr 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]