PTL-2002-03 Betsie XSS Vuln

2002-07-02T00:00:00
ID SECURITYVULNS:DOC:3159
Type securityvulns
Reporter Securityvulns
Modified 2002-07-02T00:00:00

Description

                    PenTest Limited 
                www.pentest-limited.com 
                   Security Advisory

                   XSS bug in Betsie

Announcement date: 1st July 2002
Reference: ptl-2002-03

Advisory Details

Product: Betsie
Vulnerable versions: 1.5.11 and all versions before
Vulnerability Type: Input Validation Error
Platforms: All
Vendor-URL: http://www.bbc.co.uk/education/betsie/
Vendor-Status: informed, new version available
Remote-Exploit: Yes

Overview

A Cross-site Scripting vulnerability exists in the Betsie application. The developer has been notified and a fixed version has been released.

Description

Betsie stands for BBC Education Text to Speech Internet Enhancer, and is a simple Perl script which is intended to alleviate some of the problems experienced by people using text to speech systems for web browsing.

The Betsie Perl script does not adequately validate and filter URL input, making it vulnerable to Cross-site Scripting attacks.

Cross-site Scripting example:

http://server/cgi-bin/betsie/parserl.pl/<script>alert("eek!")</script>

For more details about XSS vulnerabilities see http://www.owasp.org/asac/input_validation/css.shtml
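
The missing validation and filtering described above, shown as an added Perl illustration; it is not Betsie's code or the vendor's fix. It assumes the script echoes the request path into its HTML output; the function names and the allow-list policy are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Encode the five HTML-significant characters so reflected text is inert
# in element content and in quoted attribute values.
sub html_escape {
    my ($text) = @_;
    my %entity = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;',
                  '"' => '&quot;', "'" => '&#39;');
    $text =~ s/([&<>"'])/$entity{$1}/g;
    return $text;
}

# Allow-list check (assumed policy): host[:port][/path], built only from
# characters a plain web address needs.
sub is_valid_target {
    my ($target) = @_;
    return 0 if !defined $target || length($target) > 2048;
    return $target =~ m{\A[A-Za-z0-9.-]+(?::[0-9]{1,5})?(?:/[A-Za-z0-9._~/%-]*)?\z} ? 1 : 0;
}

# "Before": the request path is reflected into the page unchanged.
sub render_unsafe {
    my ($path_info) = @_;
    return "<p>Could not fetch: $path_info</p>\n";
}

# "After": validate first, and encode on output in both branches.
sub render_safe {
    my ($path_info) = @_;
    $path_info =~ s{\A/}{};    # drop the slash that follows the script name
    my $shown = html_escape($path_info);
    return "<p>Invalid address: $shown</p>\n" unless is_valid_target($path_info);
    return "<p>Could not fetch: $shown</p>\n";
}

# Constructed sample inputs: an ordinary address and the advisory's test string.
for my $input ('/www.bbc.co.uk/education/', '/<script>alert("eek!")</script>') {
    print "input : $input\n";
    print "unsafe: ", render_unsafe($input);
    print "safe  : ", render_safe($input);
}
```

Validation rejects the malformed address, and the encoding step ensures that whatever is echoed back is rendered as text rather than parsed as markup.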

Fix

The vendor has released a new version of the script, 1.5.12, which seems to fix the bug.

Vendor status

Vendor has released a new version. See http://www.bbc.co.uk/education/betsie/download.html

Thanks

Thank you to Wayne Myers for responding so quickly to our notification and promptly releasing a fix.

Credit

Discovered on 24 June, 2002 by Mark Rowe (mark.rowe@pentest-limited.com)
http://www.pentest-limited.com

--
Mark Rowe
IT Security Consultant
PenTest Limited

Office +44 (0)1565 830990
Fax +44 (0)1565 830889
Mobile +44 (0)7813 803929

mark.rowe@pentest-limited.com

www.pentest-limited.com