Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 7 Sep 2010 13:29:24 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: XSS in nusoap

Please use CVE-2010-3070

Thanks.

-- 
    JB


----- "Raphael Geissert" <geissert@...ian.org> wrote:

> Hi,
> 
> A XSS vulnerability has been reported against the nusoap PHP library
> caused 
> by insufficient sanitation of untrusted data ($_SERVER['PHP_SELF']) --
> 
> CWE-79.
> 
> Original report against mantisbt:
> http://www.mantisbt.org/bugs/view.php?id=12312
> 
> Report against nusoap (and further references):
> http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005
> 
> The fixes proposed by David Hicks[1] (from mantisbt) add escaping to
> some 
> other variables, but I haven't verified if they are actually
> exploitable (if 
> that's so, the patch might need to pass the charset to htmlentities
> too.)
> 
> [1]http://git.mantisbt.org/?p=mantisbt.git;a=commit;h=edb817991b99cd5538f102be26865fde7c6b7212
> 
> Could a CVE id be assigned?
> 
> Thanks,
> -- 
> Raphael Geissert - Debian Developer
> www.debian.org - get.debian.net

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ