[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: XSS vulnerability in apt-cacher-ng
From: Yves-Alexis Perez <corsac () debian ! org>
Date: 2014-06-21 13:16:23
Message-ID: 1403356583.1710.8.camel () scapa
[Download RAW message or body]
On ven., 2014-06-20 at 12:06 +0200, Eduard Bloch wrote:
> Hello Security Team,
>
> I am sorry to report that one of my packages (with upstream hat on) has
> an XSS attack vulnerability. The way for the attacker to exploit this is
> to redirect the user's browser in a LAN to apt-cacher-ng server (which
> address the attacker has to know) with a manipulated URL. Since the
> location and TCP port of the cacher server are configurable, it's IMHO
> not totally easy to find but is still a good attack vector with insider
> knowledge.
>
> Here is the proposed fix:
>
> http://anonscm.debian.org/gitweb/?p=apt-cacher-ng/apt-cacher-ng.git;a=commitdiff;h=6f08e6a3995d1bed4e837889a3945b6dc650f6ad
>
> It simply doesn't show the path in the browser output, because it has no
> value there. It only needs to be in the http status line in order to be
> displayed in apt-get's messages, there is no need for users to visit
> such an URL and see that message.
>
Hi,
it seems there is an XSS vulnerability present in apt-cacher-ng.
According to above text the issue looks minime, but I guess it still can
do with a CVE, could one be allocated?
Regards,
--
Yves-Alexis
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic