oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: cgiemail multiple vulnerabilities

From: <cve-assign () mitre org>
Date: Sat, 28 Jan 2017 17:40:36 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


https://news.cpanel.com/tsr-2017-0001-full-disclosure


It is possible that the upstream distribution is unmaintained because the
latest release is from about 19 years ago:

  http://web.mit.edu/wwwdev/cgiemail/webmaster.html#1.6


[] SEC-212 Format string injection

The ability to supply arbitrary format strings to cgiemail and
cgiecho allowed code execution whenever a user was able to provide a
cgiemail template file.


Use CVE-2017-5613.



[] SEC-214 Open redirect

The cgiemail and cgiecho binaries served as an open redirect due to
their handling of the success and failure parameters.


Use CVE-2017-5614.



[] SEC-215 HTTP header injection

The handling of redirects in cgiemail and cgiecho did not protect
against the injection of additional HTTP headers.


Use CVE-2017-5615.



[] Reflected XSS vulnerability

The "addendum" parameter was reflected without any escaping in
success and error messages produced by cgiemail and cgiecho.


Use CVE-2017-5616.


- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYjR2WAAoJEHb/MwWLVhi2TIsQAIJf9c1Txc5RZd1IfaRu/Hll
nGPmkbzxzb8ZRTzI0pkgwGEnt0oFgjOamkFY3xL52glZp9ptvqs/aKRl0DXFI3U5
8DzEhOHUOZEr4JGGswyIIhopz1rMXaOQXfQj/Uv3Z6097L7BLOMMHn/3SYSSltan
yRy1j1Noa/RP2fmb1VgznewEnXeO+wOwX4j2Oq/PBh+glNkx2VDZnZM+cEF4H2sN
FrsDmd6r1vupzBj7Ret/SfgUMTXYkkIO0r3LafeaeOrvC5+dJI/U+pezUCj9aDIZ
spb6lMUkBrz9njFBzEP4XYvyNGtnIFcM8UJIrU1t+XVihqBgiRb0HGpogGuXmmf3
N3prECUA5JQdk3co8MTgK+6Vo7glmJxlEwJJelq4Pksckra0oygMJdpRKxnMva04
eOhb4NcfRtZxeRxo/Cl1IWEVV8oc0QK2MQMjtWMNDMck9cWrcdcoTKt7KlBxcfg1
5Yzi2ZBzgfH2tGMJQD12+UhHMEDDL2SLSFNGU3j6z2ZPOuq0AzmM1ul+Mt3OoPla
yz3wrPJtKlj9N3sUYzO4g+vZvLbEJr+g0DgnYJK0tDXN90gjxUBU4DRA50YOXLKR
wnTs21ncGqEPlpRQ3TjXptbqZ0bdbFnIugRjqn6AIqmEQgaQsmKveDYq+gvHt0PH
Y+94UdCb9f/0Hi04Ouqz
=fGzB
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: