[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: bug of script injection in shoutcast servers
From: mantasjadzevicius () vecro ! lt
Date: 2006-06-08 13:29:11
Message-ID: 20060608132911.15498.qmail () securityfocus ! com
[Download RAW message or body]
Vulnerable Systems:
All shoutcast servers!!
I found an error in shoutcast server.
Then I'm connecting to the server I type in the DJ columns( you can type in all \
columns) for exmple script pvz.: <script>alert("boo");</script>
<script>location.href="google.com";</script>
or else...
So then you go to http://radio.com:port and will be executed script.
Mantas Jadzevičius a.k.a UZUZZ
mantasjadzevicius@vecro.lt
irc: irc.data.lt #security
2006
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic