Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability

Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability

From: Oliver Karow <Oliver.Karow_at_gmx.de>
Date: Tue, 28 Oct 2003 12:53:27 +0100 (MET)

Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
---------------------------------------------------------------

There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.

Requesting a non existing URL will give a "404 Not Found" answer,
containing the requested URL. It is not checked if the URL contains
script code.

Exploiting:
-----------
http://webserver/<script>alert("bang")</script>

Vendor:
-------
http://www.fastream.com/NETFileServer

Credit:
-------
Oliver.Karow[AT]gmx.de
www.oliverkarow.de
28.10.2003 

-- 
NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien...
Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService
Jetzt kostenlos anmelden unter http://www.gmx.net
+++ GMX - die erste Adresse für Mail, Message, More! +++
Received on Oct 28 2003
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]