Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Colbalt-RAQ-v4-Bugs&Vulnerabilities
From: "Peter N. Go" <peter () arachinc com>
Date: Fri, 01 Mar 2002 19:20:39 +0800

Here are some possible solutions for the items enumerated and described by
Mr. Alex Hernandez in his "Colbalt-RAQ-v4-Bugs&Vulnerabilities" message.

------------------------
1. CROSS SITE SCRIPTING.
------------------------
Possible workaround: Instead of deleting or disabling the "service.cgi"
file, edit the file and add a line that strips out HTML tags. Something
like this:

$service =~ s/<([^>])*>//g;

This may be added after this line in the code:

my $service = $q->param('service');


-----------------------------
2. TRAVERSAL VULNERABILITIES.
-----------------------------
Possible workaround: Create an .htaccess file in the /usr/admserv/html
directory with the following entry:

<Files .htaccess>
    Order allow,deny
    Deny from all
</Files>

This should prevent all .htaccess files from being viewed by any web browser.


---------------------
3. DENIAL OF SERVICE.
---------------------
Possible workaround: Again, in the "service.cgi" file, add a simple check
for the length of the string passed. In this example, if the string is >
500 chars, the program exits.

if (length($service) > 500) { exit; }


Hope these info somehow help.



Peter N. Go
Site Owner/Administrator
CGI City - http://CGI-City.net/
mailto:cgicity () icthus net



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]