TRACKtheCLICK Script Injection Vulnerabilities

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: TRACKtheCLICK Script Injection Vulnerabilities
From: "BrainRawt" <brainrawt@xxxxxxxxxxx>
Date: Sat, 11 Oct 2003 01:32:25 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

 Scripts4webmasters.com TRACKtheCLICK Script Injection Vulnerabilities 
 Discovered By Chris Rahm (aka: BrainRawt) (brainrawt@xxxxxxxxxxx)


 About TRACKtheCLICK:
 --------------------
 A perl coded CGI that tracks your email, ezine, banner, and web site 
 links. TRACKtheCLICK outputs log information to a data file that in
 return is viewable in an organized HTML format through the use of
 another CGI called admin.cgi.

 TRACKtheCLICK can be downloaded from the following address.

 http://www.scripts4webmasters.com/clicktracking/index.shtml

 Vulnerable Version:
 -------------------
 Version 1.0


 Vendor Contact:
 ----------------
 10-5-03  - Emailed webmaster@xxxxxxxxxxxxxxxxxxxxxx
 
 10-10-03 - No Response 


 Vulnerability:
 ----------------
 Due to a lack of filtering in click.cgi, scalars $agent and $referer are
 vulnerable to script injection.  An individual can inject malicious code
 to the data file by spoofing their User-Agent: and/or Referer:.  When the
 data file is opened by admin.cgi, the injected code will be executed by 
 that persons browser.

 --------------------------------------------------------------------------

Prev by Date: RE: Bad news on RPC DCOM vulnerability
Next by Date: Gallery 1.4 including file vulnerability
Previous by thread: Concern about Checkpoint and SSL Vulnerability
Next by thread: Gallery 1.4 including file vulnerability
Index(es):
- Date
- Thread