Computer Security

Security Advisory: Cgisecurity Advisory #9: Novell Websearch, and Microsoft IIS XSS Issues
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Multiple bugs in Microsoft Internet Information Server

  [SNS Advisory No.58] Microsoft IIS Local Cross-site Scripting Vulnerability

  [A3SC] MS IIS out of process privilege elevation vulnerability(A3C
R@K-Vul-2002-06-
002)

  Microsoft Internet Information Server 5/5.1 Denial of Service (#NISR31102002)

  Microsoft Security Bulletin MS02-062: Cumulative Patch for Internet Information Service (Q327696)

From:zeno <zeno_(at)_cgisecurity.net>
Date:11.04.2002
Subject:Cgisecurity Advisory #9: Novell Websearch, and Microsoft IIS XSS Issues

Just two XSS holes. I only bothered releasing them because both microsoft
and novell seemed to suffer a similar problem. I like to know about a hole
no matter how small it is, if its in a product I use.

Advisory
www.cgisecurity.com/advisory/9.txt

- zeno@cgisecurity.com

NOTE: Novell issued a patch within a month of my findings. Patching information
within advisory.

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru