| Field | Value |
|---|---|
| VID | 21331 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | The Xitami HTTP server has a cross-site scripting vulnerability in the testssi.ssi script. Xitami is an easy-to-use, open source Web server for various platforms. Xitami versions 2.5c0 and 2.5c1 are vulnerable to cross-site scripting, caused by improper filtering in the server-side includes test script (testssi.ssi). A remote attacker could create a specially crafted URL to the testssi.ssi script containing embedded script in the HTTP_USER_AGENT or HTTP_REFERER variables, which would be executed in the victim's Web browser within the security context of the hosting site once the malicious link is clicked. The attacker could exploit this flaw to hijack web content or steal cookie-based authentication credentials from legitimate users. |
| References | http://www.oliverkarow.de/research/xitami25c1_testssi_XSS.txt, http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0913.html |
| Platforms Affected | iMatix Xitami 2.5 c0; iMatix Xitami 2.5 c1; Microsoft Windows (any version); Linux (any version); Unix (any version) |
| Recommendation | No upgrade or patch available as of August 2004. Upgrade to the latest version of Xitami when a fixed version becomes available from the Xitami Web site at http://www.xitami.com/ |
| Related URL | (CVE) |
| Related URL | 10778 (SecurityFocus) |
| Related URL | 16781 (ISS) |
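
Added example (not part of the original advisory or of Xitami): since no patch is listed, one way to spot attempts against this flaw is to review access logs for testssi.ssi requests whose Referer or User-Agent carries markup. The sketch assumes the server logs in NCSA combined format; the names `scan`, `COMBINED`, `MARKUP` and `SAMPLE` are hypothetical and the log lines are constructed.

```python
import re
from urllib.parse import unquote

# NCSA combined log format (assumption; adapt to the server's actual log layout).
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)

# Angle brackets or a javascript: scheme in these headers become active
# markup when the test script echoes them into HTML without encoding.
MARKUP = re.compile(r'[<>]|javascript:', re.IGNORECASE)


def scan(lines):
    """Return (client, timestamp, flagged header fields) for suspicious testssi.ssi hits."""
    findings = []
    for line in lines:
        m = COMBINED.match(line.strip())
        if not m:
            continue
        path = m.group("path").split("?")[0].lower()
        if not path.endswith("/testssi.ssi"):
            continue
        hits = []
        for field in ("referer", "agent"):
            # Undo \" log escaping and %XX URL encoding before matching.
            value = unquote(m.group(field).replace('\\"', '"'))
            if MARKUP.search(value):
                hits.append(field)
        if hits:
            findings.append((m.group("host"), m.group("time"), hits))
    return findings


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [12/Jul/2004:10:01:22 +0200] "GET /index.htm HTTP/1.0" 200 1043 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '192.0.2.11 - - [12/Jul/2004:10:02:05 +0200] "GET /testssi.ssi HTTP/1.0" 200 2210 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '198.51.100.7 - - [12/Jul/2004:10:03:41 +0200] "GET /testssi.ssi HTTP/1.0" 200 2254 "-" "<script>alert(1)</script>"',
    '198.51.100.7 - - [12/Jul/2004:10:04:02 +0200] "GET /testssi.ssi HTTP/1.0" 200 2260 "http://example.test/%3Cscript%3Ex%3C/script%3E" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for host, when, fields in scan(SAMPLE):
        print(host, when, ",".join(fields))
```

Removing or access-restricting testssi.ssi on production hosts makes any remaining hit on that path worth reviewing on its own.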