Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Network Appliances :: napl5557.htm

CacheFlow CacheOS Cross-site Scripting Vulnerability

Better a bottle in front of me than a frontal lobotomy.

25th Jul 2002 [SBWID-5557]
COMMAND

	CacheFlow CacheOS Cross-site Scripting Vulnerability

SYSTEMS AFFECTED

	CacheFlow CacheOS CA 4.1.06 and earlier.
	

	Confirmed by CA 3.1.17,  Release  ID:  15403;  CA  4.0.14,  Release  ID:
	17085; CA 4.1.06, Release ID: 17757

PROBLEM

	T.Suzuki of Reflection Inc. / Chukyo University says :
	

	CacheFlow neglect to escape the characters  such  as  "<",">","&"
	in the path in the "unresolve" error messages, and pass the  message  to
	the browsers as HTML.
	  

	Browsers using vulnerable CacheFlow may send the private cookies to  the
	attacker by the evil code such as
	

	   http://dummy.example.com/<script>EVIL CODE</script> .

	

	

	 Example

	 =======

	

	Type http://nonexistent.example.com/<s>test</s>
	

	Error

	

	Problem Report

	

	The system detected an Unresolved Host Name while attempting to retrieve

	the URL: http://nonexistent.example.com/test. <- strike through on test

	Message ID UNRESOLVED_HOSTNAME

	

SOLUTION

	Get CacheOS V4.1.07 (2002/07/15 Release)
	

	http://download.cacheflow.com/release/CA/4.1.00-docs/CACacheOS41fixes.htm

	

	

	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH