Date: Sat, 21 Jun 2014 15:16:23 +0200
From: Yves-Alexis Perez <>
To: oss-sec <>
Cc: Eduard Bloch <>
Subject: Re: XSS vulnerability in apt-cacher-ng

On Fri., 2014-06-20 at 12:06 +0200, Eduard Bloch wrote:
> Hello Security Team,
> I am sorry to report that one of my packages (with upstream hat on) has
> an XSS attack vulnerability. The way for the attacker to exploit this is
> to redirect the user's browser in a LAN to apt-cacher-ng server (which
> address the attacker has to know) with a manipulated URL. Since the
> location and TCP port of the cacher server are configurable, it's IMHO
> not totally easy to find but is still a good attack vector with insider
> knowledge.

> Here is the proposed fix:
> It simply doesn't show the path in the browser output, because it has no
> value there. It only needs to be in the http status line in order to be
> displayed in apt-get's messages, there is no need for users to visit
> such an URL and see that message.

It seems there is an XSS vulnerability present in apt-cacher-ng.
According to the above text the issue looks minimal, but I guess it still can
do with a CVE; could one be allocated?


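The fix the quoted report describes, shown as an added illustration rather than apt-cacher-ng's own code or anything either poster wrote: a 404 handler that echoes the request path into the HTML body (the vulnerable shape) next to one that keeps the path only in the HTTP status line, where apt-get reads it, and serves a static body. The function names, the sample path, and the CR/LF stripping on the status line are my own choices and assumptions; the report does not mention the latter.

```cpp
#include <iostream>
#include <string>

// Constructed demonstration code, not apt-cacher-ng's implementation.

// Minimal HTML escaping for the five characters that matter in text
// content and attribute values.
std::string htmlEscape(const std::string& in) {
    std::string out;
    out.reserve(in.size());
    for (char c : in) {
        switch (c) {
            case '&':  out += "&amp;";  break;
            case '<':  out += "&lt;";   break;
            case '>':  out += "&gt;";   break;
            case '"':  out += "&quot;"; break;
            case '\'': out += "&#39;";  break;
            default:   out += c;
        }
    }
    return out;
}

// Drop CR and LF so a value placed in the status line cannot terminate
// the line early (my own addition; the report does not discuss this).
std::string statusLineSafe(const std::string& in) {
    std::string out;
    for (char c : in) {
        if (c != '\r' && c != '\n') out += c;
    }
    return out;
}

// Shape the report describes as vulnerable: the request path is copied
// verbatim into the HTML body, so a browser renders any markup in it.
std::string buildNotFoundVulnerable(const std::string& path) {
    return "HTTP/1.1 404 Not Found: " + path + "\r\n"
           "Content-Type: text/html\r\n\r\n"
           "<html><body>Not found: " + path + "</body></html>";
}

// Shape the report describes as the fix: the path appears only in the
// status line (which apt-get prints), and the body is a fixed string.
std::string buildNotFoundFixed(const std::string& path) {
    return "HTTP/1.1 404 Not Found: " + statusLineSafe(path) + "\r\n"
           "Content-Type: text/html\r\n\r\n"
           "<html><body>Not found</body></html>";
}

// Alternative for a body that genuinely must mention the path: escape it.
std::string buildNotFoundEscaped(const std::string& path) {
    return "HTTP/1.1 404 Not Found: " + statusLineSafe(path) + "\r\n"
           "Content-Type: text/html\r\n\r\n"
           "<html><body>Not found: " + htmlEscape(path) + "</body></html>";
}

// Helpers to inspect a response: first line, and everything after the
// blank line that ends the headers.
std::string statusLine(const std::string& resp) {
    return resp.substr(0, resp.find("\r\n"));
}

std::string responseBody(const std::string& resp) {
    std::string::size_type p = resp.find("\r\n\r\n");
    return p == std::string::npos ? std::string() : resp.substr(p + 4);
}

int main() {
    // Constructed sample path containing markup; not taken from the report.
    const std::string samplePath = "/debian/<i>constructed</i>";
    std::cout << "--- vulnerable ---\n" << buildNotFoundVulnerable(samplePath) << "\n\n";
    std::cout << "--- fixed ---\n" << buildNotFoundFixed(samplePath) << "\n\n";
    std::cout << "--- escaped ---\n" << buildNotFoundEscaped(samplePath) << "\n";
    return 0;
}
```

Compile with any C++11 compiler and compare the three responses: only the first carries the raw markup in its body, while all three keep the path in the status line for apt-get's benefit.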
