[Full-disclosure] SimpBook "message" Remote Cross-Site Scripting Vulnerability

Mbyte Security mbytesecurity.org at gmail.com
Fri Jan 6 20:50:41 GMT 2006


Listen little bastard ...  why don't you post the affected piece of code???
this "technical" description is not so technical ... it sucks! (like you)

And what kinda XSS allows "arbitrary execution of script code in the
security context of an affected website"  Did you ever know the meaning of
"cross site scripting" and how is the relation between webserver and
browser...


I wanna attach a pic of you and another of pan-zorra

--
Megabyte
http://mbytesecurity.org
The God of the Net
Greetings to my ex-bitch Pandora, who cheats on me
Zeus,Cairo,Redpoint,x0p0x and all lame band



On 1/6/06, zeus olimpusklan <zeus.olimpusklan at gmail.com> wrote:
>
>
> ###########################################################################
> # Advisory #5 Title: SimpBook "message" Remote Cross-Site Scripting Vulnerability
> #
> #
> # Author: 0o_zeus_o0
> # Contact: zeus at diosdelared.com
> # Website: Elitemexico.org
> # Date: 05/01/2006
> # Risk: High
> # Vendor Url:      http://codegrrl.com/scripts/simpbook/
> # Affected Software: SimpBook
> # Non Affected:
> #
> # We Are: olimpus klan team
> #
> #TECHNICAL INFO
> #================================================================
> #
> #An input validation vulnerability in SimpBook has been reported, which can be exploited
> #
> #by remote users to conduct cross-site scripting attacks.
> #
> #User-supplied input passed to the "message" field isn't sanitised before being stored in
> #
> #the guestbook. This can be exploited to execute arbitrary script code in the security context
> #
> #of an affected website, as a result the code will be able to access any of the target user's
> #
> #cookies, access data recently submitted by the target user via web form to the site, or take
> #
> #actions on the site acting as the target user.
> #
> #Successful exploitation requires that "html_enable" is set to "on" in "config.php".
> #
> #This is set to "on" in the default installation.
> #
> #Solution:
> #
> #Set "html_enable" to "off" in "config.php" or edit the source code to ensure that input is properly sanitised.
> #
> #
> #VULNERABLE VERSIONS
> #================================================================
> #SimpBook version 1.0. Other versions may also be affected.
> #
> #
> #================================================================
> #Contact information
> #0o_zeus_o0
> #zeus at diosdelared.com
> #www.olimpusklan.org
> #================================================================
> #greetz: lady fire, fraude, xoxo, El_Mesias
>
> ##############################################################################
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
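The mitigation named in the quoted advisory, shown as an added example that is not part of this thread and is not SimpBook's own code: encoding the stored "message" on output when "html_enable" is off, plus a review pass over entries stored before the change. Only the "message" field and the "html_enable" setting come from the advisory; the function names and the sample entries are hypothetical and constructed for illustration.

```php
<?php
// Added illustration, not SimpBook source. Function names are hypothetical;
// only the "message" field and the "html_enable" setting come from the advisory.

// Render one stored guestbook message for inclusion in an HTML page.
function render_message(string $message, bool $htmlEnable): string
{
    if ($htmlEnable) {
        // Behaviour the advisory describes: the stored text reaches the page
        // as markup, so submitted script runs in the site's origin.
        return nl2br($message);
    }
    // html_enable off: encode on output so the browser treats the text as data.
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 sequences instead of returning an empty string.
    return nl2br(htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
}

// Entries stored while html_enable was on stay in the guestbook unchanged.
// Return the ids of entries that contain tag-like text so they can be reviewed.
function entries_needing_review(array $messages): array
{
    $flagged = [];
    foreach ($messages as $id => $message) {
        if (preg_match('/<\s*[a-z\/!?]/i', $message) === 1) {
            $flagged[] = $id;
        }
    }
    return $flagged;
}

// Constructed sample entries (not taken from any real guestbook).
$stored = [
    1 => "Nice site!\nSee you soon.",
    2 => "Hi <script>alert(1)</script>",
    3 => "Tom & Jerry's page",
];

foreach ($stored as $id => $message) {
    echo $id, ': ', render_message($message, false), "\n";
}
echo 'review: ', implode(',', entries_needing_review($stored)), "\n";
```

Encoding at render time covers entries that were stored before the setting was changed; sanitising only at submission time does not.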