Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [DSECRG-08-007] OpenBSD BGPD daemon Web Interface XSS.

From: Digital Security Research Group <research () dsec ru>
Date: Thu, 31 Jan 2008 20:19:04 +0300
version 4.2 is NOT affected, please alter it in advisory
http://secunia.com/advisories/28726/  and others.


Vendor  fix this flaw in cvs on 10.10.2007.
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c

Updated version OpenBSD 4.2 which was released Nov 1, 2007 is NOT
vulnerable.






[#DSECRG-08-007] Digital Security Research Group [DSecRG] Advisory




Application:                    OpenBSD BGPD daemon
Versions Affected:              OpenBSD 4.1 
Vendor URL:                     http://openbsd.org
Bugs:                           XSS
Exploits:                       YES
Reported:                       10.10.2007
Vendor response:                10.10.2007
Date of Public Advisory:        31.01.2008
Authors:                        Alexandr Polyakov, Anton Karpov
                                Digital Security Research Group
[DSecRG] (research [at] dsec [dot] ru)





Description
***********



OpenBSD BGPD daemon Web Interface has XSS  vulnerability




History
********



http://www.mail-archive.com/misc () openbsd org/msg49057.html






Details
*******




Linked XSS vulnerability found in script /cgi-bin/bgplg attacker can inject XSS in parameter cmd



Example:




http://[server]/cgi-bin/bgplg?cmd=shov+version<script>alert('DSecRG XSS')</script>




Fix Information
***************



Vendor fix this flaw in cvs on 10.10.2007. Updated
version OpenBSD 4.2 which was released Nov 1, 2007. can be downloaded here:



http://openbsd.org





About
*****



Digital Security is leading IT security company in Russia,
providing information security consulting, audit and penetration
testing services, risk analysis and ISMS-related services and
certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital
Security Research Group focuses on web application and database
security problems with vulnerability reports, advisories and
whitepapers posted regularly on our website.




Contact:        research [at] dsec [dot] ru
                http://www.dsec.ru (in Russian)









-- 
С уважением,
  Digital Security Research Group                           mailto:alexandr.polyakov () dsec ru
Previous By Date Next
Previous By Thread Next

Current thread: