Microsoft Site Server Default.asp XSS

2002-01-30T00:00:00
ID OSVDB:17665
Type osvdb
Reporter RFP(rfp@wiretrip.net)
Modified 2002-01-30T00:00:00

Description

Vulnerability Description

Microsoft Site Server contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate user-supplied input submitted to the 'Default.asp' script. This could allow an attacker to create a specially crafted URL that executes arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Short Description

Microsoft Site Server contains a flaw that allows a remote cross-site scripting attack. The flaw exists because the application does not validate user-supplied input submitted to the 'Default.asp' script. This could allow an attacker to create a specially crafted URL that executes arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[victim]/SiteServer/Knowledge/Default.asp?ctr="><script>alert("uhoh")</script>
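The test string above shows the reflected value breaking out of an HTML attribute (the leading `">`). As an added example that is not part of the OSVDB record or of Microsoft's code, the following Python block does two defender-side things with it: it scans constructed Common Log Format lines for requests to the Default.asp path whose 'ctr' parameter carries markup characters, and it contrasts a hypothetical unencoded attribute reflection with the same reflection after HTML-attribute encoding. The attribute context is inferred from the test string; the record does not say how Default.asp actually emits the value, so `render_unsafe` is a model of the pattern, not the product's code.

```python
"""
Added example, not part of the OSVDB record: a log check for markup in the
'ctr' parameter of Site Server's Default.asp, plus a demonstration of how
HTML-attribute encoding neutralises the reflected value.  All log lines are
constructed samples; the reflection functions model the pattern, not the
vendor's actual ASP source.
"""
import html
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample traffic in Common Log Format (not real captures).
SAMPLE_LOG = """\
192.0.2.10 - - [30/Jan/2002:10:00:01 +0000] "GET /SiteServer/Knowledge/Default.asp?ctr=news HTTP/1.0" 200 5120
192.0.2.11 - - [30/Jan/2002:10:00:05 +0000] "GET /SiteServer/Knowledge/Default.asp?ctr=%22%3E%3Cscript%3Ealert(%22uhoh%22)%3C/script%3E HTTP/1.0" 200 5210
192.0.2.12 - - [30/Jan/2002:10:00:09 +0000] "GET /SiteServer/Knowledge/Default.asp?ctr=%3Cimg%20src%3Dx%3E HTTP/1.0" 200 5180
192.0.2.13 - - [30/Jan/2002:10:00:12 +0000] "GET /index.html HTTP/1.0" 200 1024
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
TARGET_PATH = "/siteserver/knowledge/default.asp"
# Characters that can close an HTML attribute or open a tag, plus the
# javascript: scheme; any of these in 'ctr' is worth a look.
MARKUP_RE = re.compile(r'[<>"\']|javascript:', re.IGNORECASE)


def suspicious_ctr_values(log_text):
    """Return (client_ip, decoded_ctr) for requests to Default.asp whose
    'ctr' parameter contains markup characters after percent-decoding."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if parts.path.lower() != TARGET_PATH:
            continue
        # parse_qs percent-decodes each value once, as the server would.
        for value in parse_qs(parts.query, keep_blank_values=True).get("ctr", []):
            if MARKUP_RE.search(value):
                hits.append((line.split()[0], value))
    return hits


def render_unsafe(ctr):
    """Hypothetical vulnerable pattern: the parameter is reflected into a
    quoted attribute without encoding, so a leading '">' ends the attribute
    and the tag, and whatever follows is parsed as new markup."""
    return '<input type="hidden" name="ctr" value="%s">' % ctr


def render_safe(ctr):
    """Hardened form: HTML-attribute-encode the value (quotes included)
    before reflecting it, so the browser treats it as text, not markup."""
    return '<input type="hidden" name="ctr" value="%s">' % html.escape(ctr, quote=True)


def tag_count(markup):
    """Count tag openers in rendered output; the safe form yields exactly
    one (the input element) regardless of what 'ctr' contained."""
    return len(re.findall(r"<[A-Za-z/]", markup))


if __name__ == "__main__":
    for ip, value in suspicious_ctr_values(SAMPLE_LOG):
        print("suspicious ctr from %s: %r" % (ip, value))
    payload = '"><script>alert("uhoh")</script>'
    print("unsafe:", render_unsafe(payload))
    print("safe:  ", render_safe(payload))
```

The detection is deliberately narrow (one path, one parameter) so it produces few false positives on this product; the Snort signatures listed in the references cover the same request pattern at the network layer. The encoding side shows that the fix is output encoding at the point of reflection rather than input filtering, which is why `render_safe` does not try to strip anything from `ctr`.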

References:

Vendor URL: http://www.microsoft.com/
Snort Signature ID: 1817
Snort Signature ID: 1818
Security Tracker: 1003420
Related OSVDB ID: 17655
Related OSVDB ID: 17658
Related OSVDB ID: 17661
Related OSVDB ID: 17663
Related OSVDB ID: 17664
Related OSVDB ID: 17666
Related OSVDB ID: 17668
Related OSVDB ID: 17656
Related OSVDB ID: 17660
Related OSVDB ID: 17667
Related OSVDB ID: 17669
Related OSVDB ID: 17652
Related OSVDB ID: 17654
Related OSVDB ID: 17657
Related OSVDB ID: 17670
Related OSVDB ID: 831
Related OSVDB ID: 17653
Related OSVDB ID: 17659
Related OSVDB ID: 17662
Related OSVDB ID: 17665
Related OSVDB ID: 17671
Nessus Plugin ID: 11018
Microsoft Knowledge Base Article: 248840
Mail List Post: http://marc.theaimsgroup.com/?l=vulnwatch&m=101235440104716&w=2