Bugtraq mailing list archives
Re: Remotely Anywhere 'Accept-Charset' Parameter NULL Pointer
From: patrick () aushack com
Date: Tue, 11 Mar 2008 14:03:56 +1100
Re: http://www.securityfocus.com/bid/28175
Remotely Anywhere 'Accept-Charset' Parameter NULL Pointer Denial Of Service Vulnerability

I just thought I'd add (while you're at it) that there are a few other bugs.

1) There is a service 'RAMaint' (a watchdog task). It runs as LocalSystem (doesn't everything?!) and uses an unsafe (unquoted - c:\program.exe) path in versions earlier than v8. v8 and onwards uses an absolute path.

2) There is an XSS in the RemotelyAnywhere HTTP service, which you can use to steal cookies. Of course, you need to entice your target to visit the address and send the cookie somewhere.

/img/<script>alert(document.cookie);</script>.html

The error is interpreted by the browser as text/html.

-Patrick
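
An added example, not part of the original post or of RemotelyAnywhere: a defensive audit for the unquoted service path issue in item 1, which flags ImagePath values that Windows would resolve ambiguously and gives the quoted replacement. The service names and paths are constructed samples, and the ".exe" boundary heuristic is an assumption; on a real host the values would be read from the Services registry key.

```python
import re

# Constructed sample: service name -> ImagePath value as stored under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>. Names and paths are
# illustrative, not taken from a RemotelyAnywhere install.
SAMPLE_SERVICES = {
    "ExampleWatchdog": r"C:\Program Files\Example Vendor\watchdog.exe",
    "QuotedSvc": r'"C:\Program Files\Example App\svc.exe" -k run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "SpaceInArgs": r"C:\Tools\agent.exe --config C:\My Data\a.ini",
}

EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)

def split_exe(image_path):
    # Heuristic (assumption): the executable ends at the first ".exe"
    # followed by whitespace or end of string; the rest is arguments.
    path = image_path.strip()
    m = EXE_END.search(path)
    end = m.end() if m else len(path)
    return path[:end], path[end:]

def ambiguous_prefixes(image_path):
    # For an unquoted path, Windows tries each space-delimited prefix
    # (with .exe appended) before the intended file. Return those earlier
    # candidates; an empty list means the value is unambiguous.
    exe, _ = split_exe(image_path)
    if exe.startswith('"'):
        return []
    return [exe[:sp.start()] + ".exe" for sp in re.finditer(r" +", exe)]

def audit(services):
    # Map each flagged service to (candidates to check, quoted replacement).
    findings = {}
    for name, image_path in services.items():
        candidates = ambiguous_prefixes(image_path)
        if candidates:
            exe, args = split_exe(image_path)
            findings[name] = (candidates, f'"{exe}"{args}')
    return findings

if __name__ == "__main__":
    for name, (candidates, fixed) in audit(SAMPLE_SERVICES).items():
        print(f"{name}: unquoted ImagePath")
        print("  verify absent / not writable:", ", ".join(candidates))
        print("  quoted form:", fixed)
```
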