Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [DRUPAL-SA-2005-008] Drupal 4.6.4 / 4.5.6 fixes XSS and HTTP header injection issue

From: "Amit Klein (AKsecurity)" <aksecurity () hotpop com>
Date: Fri, 02 Dec 2005 10:34:30 +0200
On 1 Dec 2005 at 16:45, Uwe Hermann wrote:


----------------------------------------------------------------------------
Drupal security advisory                                  DRUPAL-SA-2005-008
----------------------------------------------------------------------------
Advisory ID:    DRUPAL-SA-2005-008
Project:        Drupal core
Date:           2005-11-30
Security risk:  less critical
Impact:         normal
Where:          from remote
Vulnerability:  XSS, HTTP header injection
----------------------------------------------------------------------------

Description
-----------
Paul Laudanski informed us that it's possible to attach files that are able
to run Javascript under Internet Explorer.

Further investigation of the problem revealed that the same method can be
used to inject arbitrary HTTP headers.



Would this injection be in the context of the HTTP response stream (i.e. HTTP Response 
Splitting?)

-Amit
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: