[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE Request: Security issue in backuppc
From: Jamie Strandboge <jamie () canonical ! com>
Date: 2011-10-27 21:00:48
Message-ID: 1319749248.4817.11.camel () localhost
[Download RAW message or body]
[Attachment #2 (multipart/mixed)]
Hi Craig,
While preparing updates to fix CVE-2011-3361 in Ubuntu I discovered
another XSS vulnerability in View.pm when accessing the following URLs
in backuppc:
index.cgi?action=view&type=XferLOG&num=<XSS here>&host=<some host>
index.cgi?action=view&type=XferErr&num=<XSS here>&host=<some host>
You are being emailed as the upstream contact. Please keep
oss-security@lists.openwall.com[1] CC'd for any updates on this issue.
To oss-security, can I have a CVE for this? It is essentially the same
vulnerability and fix as for CVE-2011-3361, but in CGI/View.pm instead
of CGI/Browse.pm. Attached is a patch to fix this issue. Tested on
3.0.0, 3.1.0, 3.2.0 and 3.2.1.
--
Jamie Strandboge | http://www.canonical.com
["view.diff" (view.diff)]
diff -u backuppc-3.2.0/lib/BackupPC/CGI/View.pm backuppc-3.2.0/lib/BackupPC/CGI/View.pm
--- backuppc-3.2.0/lib/BackupPC/CGI/View.pm
+++ backuppc-3.2.0/lib/BackupPC/CGI/View.pm
@@ -46,7 +46,7 @@
my $compress = 0;
my $fh;
my $host = $In{host};
- my $num = $In{num};
+ my $num = ${EscHTML($In{num})};
my $type = $In{type};
my $linkHosts = 0;
my($file, $comment);
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic