oss-sec mailing list archives

CVE Request -- Dancer.pm / perl-Dancer / libdancer-perl: Newline injection due to improper CRLF escaping in cookie() and cookies() methods (different vulnerability than CVE-2012-5526)


From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 26 Nov 2012 13:06:55 -0500 (EST)

Hello Kurt, Steve, vendors,

  a security flaw was found in the way Dancer.pm,
a lightweight yet powerful web application framework
/ Perl language module, performed sanitization of
values to be used for the cookie() and cookies() methods.
A remote attacker could use this flaw to inject arbitrary
headers into responses from (Perl) applications that use
Dancer.pm. A different vulnerability than CVE-2012-5526.

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694279
[2] https://github.com/sukria/Dancer/issues/859
[3] https://bugzilla.redhat.com/show_bug.cgi?id=880329

Could you allocate a CVE id for this?

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

P.S.: The issue is different from / unrelated to the
      similar recent CGI.pm flaw, CVE-2012-5526 (the
      presence / absence of the CGI.pm CVE-2012-5526 fix
      doesn't have an impact on it).
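
The flaw class described in the message above, shown in a cookie serializer beside one way to close it. This is an added example, not part of the original post and not Dancer's code; `set_cookie_naive`, `set_cookie_safe` and `header_lines` are hypothetical names, and the sample value is constructed.

```perl
#!/usr/bin/env perl
use strict;
use warnings;

# Hypothetical helpers for illustration; this is not Dancer's implementation.

# Naive form: name and value are interpolated as-is, so a CR or LF in either
# ends the Set-Cookie line early and the remainder is parsed as a new header.
sub set_cookie_naive {
    my ($name, $value) = @_;
    return "Set-Cookie: $name=$value; Path=/\r\n";
}

# Hardened form: the name must be an RFC 6265 token, and every value byte
# outside the cookie-octet set (controls, space, '"', ',', ';', '\'), plus '%'
# so the encoding stays reversible, is percent-encoded. CR/LF become %0D/%0A.
sub set_cookie_safe {
    my ($name, $value) = @_;
    die "invalid cookie name\n"
        unless defined $name && $name =~ /\A[!#\$%&'*+\-.^_`|~0-9A-Za-z]+\z/;
    $value = '' unless defined $value;
    utf8::encode($value) if utf8::is_utf8($value);   # work on bytes
    $value =~ s/([^\x21\x23\x24\x26-\x2B\x2D-\x3A\x3C-\x5B\x5D-\x7E])/sprintf('%%%02X', ord $1)/ge;
    return "Set-Cookie: $name=$value; Path=/\r\n";
}

# Number of header lines a serialized field occupies on the wire.
sub header_lines {
    my ($raw) = @_;
    my @lines = grep { length } split /\r\n|\r|\n/, $raw;
    return scalar @lines;
}

# Constructed sample: a value carrying a line break, as request-derived
# data passed to a cookie setter might.
my $value = "en\r\nX-Constructed-Header: 1";

printf "naive: %d header line(s)\n", header_lines(set_cookie_naive('lang', $value));
printf "safe:  %d header line(s)\n", header_lines(set_cookie_safe('lang', $value));
print set_cookie_safe('lang', $value);
```

A response layer can apply the same `header_lines` check to every outgoing field and refuse to send any that spans more than one line.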

