| Check Point Reference: |
CPAI-2008-226 |
| Date Published: |
19 Sep 2008 |
| Severity: |
Medium
|
| Last Updated: |
Tuesday 01 January, 2008 |
| Source: |
Secunia Advisory: SA31384 |
| Industry Reference: | CVE-2008-2939
US-CERT VU#663763 |
| Protection Provided by: |
|
| Who is Vulnerable? | Apache Software Foundation HTTP Server 2.0.63 and prior
Apache Software Foundation HTTP Server 2.2.9 and prior |
| Vulnerability Description |
A cross site scripting vulnerability exists in Apache web server mod_proxy_ftp module. The Apache HTTP server is the most popular web server used on the Internet. The Apache mod_proxy_ftp module allows the Apache web server to act as a proxy for FTP sites. The mod_proxy_ftp module fails to properly sanitize user-supplied input. By supplying a crafted FTP URL, a remote attacker may be able to execute arbitrary Javascript in the context of a site being proxied by the Apache server. This may allow an attacker to steal cookies (including authentication cookies) and launch other attacks. |
| Update/Patch Avaliable | Apache has released updates to address this issue:
http://svn.apache.org/viewvc?view=rev&revision=682868
http://svn.apache.org/viewvc?view=rev&revision=682868
http://svn.apache.org/viewvc?view=rev&revision=682871 |
| Vulnerability Details | The flaw is due to improper globbing on the part of the mod_proxy_ftp module. Apache Filename globbing is the process of using wildcards to match filenames. The mod_proxy_ftp module fails to properly filter globbed characters in FTP URIs. Successful exploitation would result in compromise of target user’s cookies associated with the site and modification of user information. |
Feedback