[2/5] OpenBSD bgplg “cmd” Cross-Site Scripting Vulnerability

January 31st, 2008 by

[2/5] OpenBSD bgplg “cmd” Cross-Site Scripting Vulnerability

:Alexandr Polyakov and Anton Karpov have reported a vulnerability in OpenBSD bgplg, which can be exploited by malicious people to conduct cross-site scripting attacks.Input via the "cmd" parameter to the bgplg cgi-bin script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.The vulnerability is reported in OpenBSD 4.1. OpenBSD 4.2 may also be affected.Solution:Filter malicious characters and character sequences using a web proxy. Fixed in CVS repository.http://www.openbsd.org/cgi-bin/cvsweb…gplg.c.diff?r1=1.6&r2=1.7&f=hProvided and/or discovered by:Alexandr Polyakov and Anton Karpov, Digital Security Research GroupOriginal Advisory:http://www.mail-archive.com/misc@openbsd.org/msg49057.htmlhttp://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c

Original post by Pankaj

[2/5] OpenBSD bgplg “cmd” Cross-Site Scripting Vulnerability

Related Articles:

[2/5] OpenBSD update for OpenSSH

[1/5] OpenBSD OpenSSH ForceCommand Bypass Weakness

[2/5] OpenBSD update for X.Org

[3/5] OpenBSD Two Denial of Service Vulnerabilities

[4/5] OpenBSD update for OpenSSL

Posted in Advisories - Exploits | | [2/5] OpenBSD bgplg “cmd” Cross-Site Scripting Vulnerability

<< [4/5] Gnumeric XLS HLINK Opcode Processing Code Execution Vulnerability | [2/5] Drupal Userpoints Module Cross-Site Request Forgery Vulnerability >>

Cybertrion Systems

[2/5] OpenBSD bgplg “cmd” Cross-Site Scripting Vulnerability

Categories

Archives:

Search:

Meta: