drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Cross-Site Scripting in cgiwrap
Name: |
Cross-Site Scripting in cgiwrap |
|
ID: |
TLSA-2008-32 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux Appliance Server 2.0, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
Datum: |
Mi, 10. September 2008, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2852 |
|
Applikationen: |
cgiwrap |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2008-32 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 09 Sep 2008 Last revised: 09 Sep 2008
Package: cgiwrap
Summary: Cross-site scripting (XSS) vulnerability
More information: CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server.
Cross-site scripting (XSS) vulnerability in CGIWrap before 4.1, when an Internet Explorer based browser is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to failure to set the charset in error messages. (CVE-2008-2852)
Affected Products: - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0 - Turbolinux Appliance Server 2.0 - Turbolinux Appliance Server 1.0 Hosting Edition - Turbolinux Appliance Server 1.0 Workgroup Edition
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
cgiwrap-3.9-7.src.rpm 151699 79c1d07b1ac282610cbe355de7905a77 turbolinux-tlas-3.0-20070411TL5.src.rpm 17616 93a1a9f4e964466ed69fe367e5e998fd
Binary Packages Size: MD5
cgiwrap-3.9-7.x86_64.rpm 47808 a5080fc36536e6fc001cae6077d169df turbolinux-tlas-capstone-3.0-20070411TL5.noarch.rpm 9347 99c0f9a2869ae14a42b9460d9f49bf3e turbolinux-tlas-glue-3.0-20070411TL5.noarch.rpm 11839 0e96979f89381839f1b26822d5c24498
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
cgiwrap-3.9-7.src.rpm 151699 79c1d07b1ac282610cbe355de7905a77
Binary Packages Size: MD5
cgiwrap-3.9-7.i686.rpm 46143 076009f67e6012ab091302a166527c2f
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
cgiwrap-3.9-7.src.rpm 151699 8c822157ed2e8ad3e7bd4354a4339be8
Binary Packages Size: MD5
cgiwrap-3.9-7.i586.rpm 44974 c8c4d6a447686ab76c9013340792ad9f
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages Size: MD5
cgiwrap-3.9-7.src.rpm 151699 2d33dbd84c783f7344ca93e79a16b8bd
Binary Packages Size: MD5
cgiwrap-3.9-7.i586.rpm 41607 6630501a5ed74a990f8cb2b78b6c89e7
References:
CVE [CVE-2008-2852] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2852
-------------------------------------------------------------------------- Revision History 09 Sep 2008 Initial release --------------------------------------------------------------------------
Copyright(C) 2008 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjGUHgACgkQK0LzjOqIJMxpPQCfQOp74WQrW1xnkMIEUzWU01sK me4AoLJl58Pfa78jQplSHl5PIlnay+Sp =AfZ1 -----END PGP SIGNATURE-----
|
|
|
|