[25019] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Cgisecurity Advisory #9: Novell Websearch, and Microsoft IIS XSS Issues

daemon@ATHENA.MIT.EDU (zeno)
Wed Apr 10 16:08:20 2002

From: zeno <zeno@cgisecurity.net>
Message-Id: <200204101408.g3AE84H36326@cgisecurity.net>
To: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org,
        bugs@securitytracker.com
Date: Wed, 10 Apr 2002 10:08:04 -0400 (EDT)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Just two XSS holes. I only bothered releasing them because both microsoft
and novell seemed to suffer a similar problem. I like to know about a hole
no matter how small it is, if its in a product I use. 

Advisory
www.cgisecurity.com/advisory/9.txt

- zeno@cgisecurity.com

NOTE: Novell issued a patch within a month of my findings. Patching information
within advisory.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[25019] in bugtraq

Cgisecurity Advisory #9: Novell Websearch, and Microsoft IIS XSS Issues

daemon@ATHENA.MIT.EDU (zeno)Wed Apr 10 16:08:20 2002

daemon@ATHENA.MIT.EDU (zeno)
Wed Apr 10 16:08:20 2002