Test ID: 10936
Category: CGI abuses : XSS
Title: IIS XSS via 404 error
Summary: Tests for IIS XSS via 404 errors
Description: This IIS server appears to be vulnerable to one of the cross-site scripting
attacks described in MS02-018. The default '404' file returned by IIS uses scripting to output a link to
the top-level domain part of the URL requested. By crafting a particular URL it is possible to insert arbitrary script into the
page for execution.

The presence of this vulnerability also indicates that you are vulnerable to the other issues identified in MS02-018 (various remote buffer overflow and cross site scripting attacks...)

References:
http://www.microsoft.com/technet/security/bulletin/MS02-018.mspx
http://jscript.dk/adv/TL001/

Risk factor : Medium
Cross-Ref: BugTraq ID: 4476
BugTraq ID: 4483
BugTraq ID: 4486
Common Vulnerability Exposure (CVE) ID: CVE-2002-0148
Bugtraq: 20020410 IIS allows universal CrossSiteScripting (Google Search)
Microsoft Security Bulletin: MS02-018
http://www.microsoft.com/technet/security/bulletin/ms02-018.asp
http://www.cert.org/advisories/CA-2002-09.html
Cisco Security Advisory: 20020415 Microsoft IIS Vulnerabilities in Cisco Products - MS02-018
http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
http://www.iss.net/security_center/static/8803.php
CERT/CC vulnerability note: VU#886699
http://www.kb.cert.org/vuls/id/886699
http://www.securityfocus.com/bid/4486
http://www.osvdb.org/3339
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:81
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:92
Common Vulnerability Exposure (CVE) ID: CVE-2002-0150
CERT/CC vulnerability note: VU#454091
http://www.kb.cert.org/vuls/id/454091
http://www.iss.net/security_center/static/8797.php
http://www.securityfocus.com/bid/4476
http://www.osvdb.org/3316
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:137
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:39
Copyright: This script is Copyright (C) 2002 Matt Moore

© 1998-2010 E-Soft Inc. All rights reserved.