Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability
====================================================

There is a Cross-Site-Scripting Vulnerability in Fastream
NetFile FTP/Webserver Version 6.0.3.588.

Requesting a non existing URL will give a "404 Not Found" answer,
containing the requested URL. It is not checked if the URL contains
script code.

Exploiting:
-----------
http://webserver/<script>alert("bang")</script>

Vendor:
-------
http://www.fastream.com/NETFileServer

Credit:
-------
Oliver.Karow[AT]gmx.de
www.oliverkarow.de
28.10.2003