Perception LiteServe DNS Wildcard跨站脚本漏洞

漏洞信息详情

Perception LiteServe DNS Wildcard跨站脚本漏洞

• CNNVD编号：CNNVD-200212-613
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2002-2192
  
• 漏洞类型：
  
  
  跨站脚本
  
• 发布时间：
  
  2002-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2006-03-17
  
• 厂        商：
  
  perception
• 漏洞来源：
  Discovery of this …

Perception LiteServe 2.0.1版本存在跨站脚本（XSS）漏洞。远程攻击者可以借助(1)DNS wildcards支持的Host：头或（2）indexed文件夹的\”dir\”请求的查询字符串执行任意web脚本。

Perception has released a new version of the software addressing this issue. Users are advised to upgrade as soon as possible.
Perception LiteServe 2.0.1

• Perception LiteServe v2.02
  
  http://www.liteserve.net

来源: BID
名称: 6143
链接:http://www.securityfocus.com/bid/6143

来源: BID
名称: 6131
链接:http://www.securityfocus.com/bid/6131

来源: XF
名称: liteserve-directory-index-xss(10561)
链接:http://www.iss.net/security_center/static/10561.php

来源: BUGTRAQ
名称: 20021108 LiteServe Directory Index Cross-Site Scripting
链接:http://online.securityfocus.com/archive/1/298987

来源: VULNWATCH
名称: 20021107 LiteServe Directory Index Cross-Site Scripting
链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0063.html