Related information

CGI bugs

Lil'HTTP Pbcgi.cgi XSS Vulnerability

[sp00fed packet] Whois vulnerability

Noguska Nola 1.1.1 [ Intranet Business Management Software ]

XSS in HTDIG

From:	Matthew Murphy <mattmurphy_(at)_kc.rr.com>
Date:	28.06.2002
Subject:	ALERT: Lil'HTTP Server (Summit Computer Networks)

ALERT: Lil'HTTP Server (Summit Computer Networks)
Vendor Notified: June 26

I have informed Summit of a flaw in its Lil'HTTP
Server.  The vulnerability lies in the "REPORT"
functionality of urlcount.cgi.

The flaw may allow malicious webmasters to
script actions across domains.

Users can protect themselves by removing the
sample file.

"The reason the mainstream is thought
of as a stream is because it is
so shallow."
                    - Author Unknown