Full Disclosure mailing list archives

Re: Search Engine XSS


From: Shanphen Dawa <list () hardlined com>
Date: Wed, 23 Jul 2003 17:35:31 -0500

So why not show one of these legitimate examples instead of the overused window popup script?

It would just be easier to ascertain the level of severity if an actual DoS string or this "trusted internal call" was exploited.

I am sure there are a lot of forms that can be a victim of an XSS string, but how many of them can actually be used for anything useful (from an attacker's point of view)?


On Wed, 23 Jul 2003 11:34:53 -0700
"morning_wood" <se_cur_ity () hotmail com> wrote:

both..

Can you use this to DoS the server?
consider that the server must process the requests.. I think it can be a
DoS issue with enough length and quantity of the requests.

Can you use this to gain access to areas on the server otherwise not
available?

many servers assume a call to "/somefolder/somefile.ext" is a trusted
internal call.
where http://theserver/somefolder/somefile.ext

morning_wood
http://exploitlabs.com






-- 
/*
"To avoid all evil, to cultivate good, 
and to cleanse one's mind  
this is the teaching of the Buddhas."

Martin Ekendahl
http://www.hardlined.com
martin () hardlined com
*/