[UNIX] Cross Site Scripting Vulnerability In CPAN WWW::Form Perl Module

From: SecuriTeam (support_at_securiteam.com)
Date: 01/29/04

  • Next message: SecuriTeam: "[EXPL] Serv-U FTPD "SITE CHMOD" Command Remote Exploit" 
    To: list@securiteam.com
Date: 29 Jan 2004 16:03:57 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Cross Site Scripting Vulnerability In CPAN WWW::Form Perl Module
    ------------------------------------------------------------------------

    SUMMARY

     <http://search.cpan.org/dist/WWW-Form/Form.pm> WWW::Form is a "simple and
    extendable module that allows developers to handle HTML form validation
    and display flexibly and consistently."

    The WWW::Form module contains several bugs which opens the possibility for
    a cross site scripting attack.

    DETAILS

    Vulnerable Systems:
     * WWW::Form version 1.12 and prior

    Immune Systems:
     * WWW::Form version 1.13

    The CPAN WWW::Form contains sections of code that open the possibility for
    a cross-site-scripting attack. An excerpt from the latest vulnerable
    version is presented below:

    1160: my $inputHTML = "< input type='$field->{type}'"
    1161:. " name='$fieldName' id='$fieldName' value='";
    1162:
    1163: if ($field->{type} eq 'checkbox') {
    1164: $inputHTML .= $field->{defaultValue};
    1165: }
    1166: else {
    1167: $inputHTML .= $field->{value};
    1168: }

    1314: $textarea .= ">";
    1315:
    1316: $textarea .= $field->{value};
    1317:
    1318: $textarea .= "< /textarea>";

    Patch Availability:
    There is no patch available but upgrading to version 1.13 solves the
    problem.

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:shlomif@iglu.org.il> Shlomi
    Fish

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[EXPL] Serv-U FTPD "SITE CHMOD" Command Remote Exploit"

    Relevant Pages