   VULNERABILITY NOTE

CERT-In Vulnerability Note CIVN-2008-119
Apache mod_proxy_ftp module Cross-Site Scripting Vulnerability

Original Issue Date: August 07, 2008

Severity Rating: Medium

System Affected

  • Apache Software Foundation Apache 2.2.9 and earlier
  • Apache Software Foundation Apache 2.0.63 and earlier

Overview

A vulnerability has been reported in Apache HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

Description

This vulnerability is caused by an input validation error in the mod_proxy_ftp module of Apache HTTP Server. An attacker could exploit this issue to execute arbitrary web script or HTML via wildcard characters in the pathname of an FTP URI. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
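
For log review on a forward proxy that has mod_proxy_ftp enabled, the following added example (not part of this note and not Apache project code) flags proxied FTP requests whose pathname contains both a wildcard and HTML markup characters after percent-decoding. The Common Log Format request field, the wildcard character set and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request field of a forward-proxy access-log line, e.g. "GET ftp://host/path HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (ftp://[^ "]+) HTTP/[\d.]+"', re.IGNORECASE)
GLOB_CHARS = set("*?[{~")    # assumption: characters treated as FTP wildcards
MARKUP_CHARS = set("<>\"'")  # characters that need HTML escaping when echoed


def fully_unquote(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_suspicious(url):
    """True if the FTP URI pathname holds both a wildcard and HTML markup."""
    parts = url.split("/", 3)  # ['ftp:', '', 'host', 'rest of URI']
    path = fully_unquote(parts[3]) if len(parts) > 3 else ""
    chars = set(path)
    return bool(chars & GLOB_CHARS) and bool(chars & MARKUP_CHARS)


def scan(lines):
    """Return (line number, URL) for every proxied FTP request worth reviewing."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match and is_suspicious(match.group(1)):
            hits.append((number, match.group(1)))
    return hits


SAMPLE_LOG = [  # constructed lines, not real traffic
    '192.0.2.10 - - [07/Aug/2008:10:00:00 +0530] "GET ftp://ftp.example.test/pub/README HTTP/1.1" 200 512',
    '192.0.2.11 - - [07/Aug/2008:10:00:05 +0530] "GET ftp://ftp.example.test/pub/*.tar.gz HTTP/1.1" 200 2048',
    '192.0.2.12 - - [07/Aug/2008:10:00:09 +0530] "GET ftp://ftp.example.test/pub/*%3Cb%3Ex%3C/b%3E HTTP/1.1" 200 731',
    '192.0.2.13 - - [07/Aug/2008:10:00:12 +0530] "GET ftp://ftp.example.test/pub/%2A%253Cb%253E HTTP/1.1" 200 731',
    '192.0.2.14 - - [07/Aug/2008:10:00:20 +0530] "GET http://www.example.test/?q=*<b> HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for number, url in scan(SAMPLE_LOG):
        print(f"line {number}: review {url}")
```

A plain wildcard listing such as `*.tar.gz` is not flagged; only the combination with markup characters is, including the double-encoded form.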

Solution

This issue is fixed in the Apache SVN repository:

http://svn.apache.org/viewvc?view=rev&revision=682871
http://svn.apache.org/viewvc?view=rev&revision=682868

Vendor Information

Apache HTTP Server Project
http://httpd.apache.org/

References

Secunia
http://secunia.com/advisories/31384/

SecurityFocus
http://www.securityfocus.com/bid/30560

CVE Name
CVE-2008-2939

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003