Bugtraq mailing list archives
XSS in Python Documentation Server
From: "euronymous" <just-a-user () yandex ru>
Date: Wed, 2 Apr 2003 20:07:09 +0400 (MSD)
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: XSS in Python Documentation Server product: Python 2.2.2 and 2.3a2 for Win32 vendor: http://www.python.org risk: low date: 04/02/2k3 tested platform: Windows 98 Second Edition discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/020.en.txt http://f0kp.iplus.ru/bz/020.ru.txt contact email: euronymous () iplus ru =:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= description ----------- Python Documentation Server is listen on port 7464. You can exploit cross-site scripting bug with error page of this server: http://hostname:7464/<script>very_evil_code</script> shouts: R00tC0de, DWC, DHG, HUNGOSH, security.nnov.ru, all russian security guyz!! to kate especially )) f*ck_off: slavomira and other dirty ppl in *.kz $#%&^! k0dsweb f*cking team ================ im not a lame, not yet a hacker ================
Current thread:
- XSS in Python Documentation Server euronymous (Apr 02)