Home page logo
/

bugtraq logo Bugtraq mailing list archives

XSS Bug in Cherokee Webserver
From: rubengarrote () idominiun com
Date: 6 Apr 2006 23:44:55 -0000

Tuesday 4 of April of 2006, I have detected that it is possible to mount an attack of the type Cross Site Scripting 
(XSS) in cherokee-0.5.0 and all previous versions.

The problem resides, when introducing code HTML in the URL. Because previously, it was let now of a seemed failure, 
from version 0.4.8 filter the characters < > when an error 404 happens. But if cherokee does not understand the request 
(Error 400) gives back the string introduced by the user, without no modification, allowing that can be injected I code 
HTML, to the client.

Proofs of concepts: http://localhost:80<script>alert("XSS_Discovered_by_Ruben_Garrote_Garcia_4_Mar_2006");</script> 
http://localhost/..<script>alert("XSS_Discovered_by_Ruben_Garrote_Garcia_4_Mar_2006");<script>

Version not vulnerable: cherokee-0.5.1
Web Cherokee: www.0x50.org

Credits:
Ruben Garrote Garcia
rubengarrote () idominiun com


  By Date           By Thread  

Current thread:
  • XSS Bug in Cherokee Webserver rubengarrote (Apr 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]