oss-sec mailing list archives
CVE request: cgiemail multiple vulnerabilities
From: Sébastien Delafond <seb () debian org>
Date: Fri, 20 Jan 2017 07:20:33 +0000 (UTC)
Hello, the Debian security team would like to request CVEs for the following vulnerabilities in cgiemail, all discovered by the cPanel Security Team, and made public in their TSR-2017-0001 advisory[0]: * SEC-212 Format string injection The ability to supply arbitrary format strings to cgiemail and cgiecho allowed code execution whenever a user was able to provide a cgiemail template file. * SEC-214 Open redirect The cgiemail and cgiecho binaries served as an open redirect due to their handling of the “success” and “failure” parameters. * SEC-215 HTTP header injection The handling of redirects in cgiemail and cgiecho did not protect against the injection of additional HTTP headers. * Reflected XSS vulnerability The "addendum" parameter was reflected without any escaping in success and error messages produced by cgiemail and cgiecho. Cheers, --Seb [0] https://news.cpanel.com/tsr-2017-0001-full-disclosure
Current thread:
- CVE request: cgiemail multiple vulnerabilities Sébastien Delafond (Jan 20)
- Re: CVE request: cgiemail multiple vulnerabilities cve-assign (Jan 28)