[cobalt-users] Colbalt-RAQ-v4-Bugs&Vulnerabilities -- Possible fix
- Subject: [cobalt-users] Colbalt-RAQ-v4-Bugs&Vulnerabilities -- Possible fix
- From: "DIGS Ltd - Denis Tanguay, P.Eng." <denis@xxxxxxx>
- Date: Sat Mar 2 06:47:01 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Not sure if anybody has seen these.
They apply to RAQ2, 3 and 4.
The remedies are easy to apply.
Denis
www.digs.ca
-----Original Message-----
From: Peter N. Go [mailto:peter@xxxxxxxxxxxx]
Sent: Friday, March 01, 2002 3:21 AM
To: bugtraq@xxxxxxxxxxxxxxxxx
Cc: al3xhernandez@xxxxxxxxxx
Subject: Re: Colbalt-RAQ-v4-Bugs&Vulnerabilities
Here are some possible solutions for the items enumerated and described by
Mr. Alex Hernandez in his "Colbalt-RAQ-v4-Bugs&Vulnerabilities" message.
------------------------
1. CROSS SITE SCRIPTING.
------------------------
Possible workaround: Instead of deleting or disabling the "service.cgi"
file, edit the file and add a line that strips out HTML tags. Something
like this:
$service =~ s/<([^>])*>//g;
This may be added after this line in the code:
my $service = $q->param('service');
-----------------------------
2. TRAVERSAL VULNERABILITIES.
-----------------------------
Possible workaround: Create an .htaccess file in the /usr/admserv/html
directory with the following entry:
<Files .htaccess>
Order allow,deny
Deny from all
</Files>
This should prevent all .htaccess files from being viewed by any web
browser.
---------------------
3. DENIAL OF SERVICE.
---------------------
Possible workaround: Again, in the "service.cgi" file, add a simple check
for the length of the string passed. In this example, if the string is >
500 chars, the program exits.
if (length($service) > 500) { exit; }
Hope this info somehow helps.
Peter N. Go
Site Owner/Administrator
CGI City - http://CGI-City.net/
mailto:cgicity@xxxxxxxxxx
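An added example, not part of either message above and not code from the Cobalt RAQ firmware. It ports the tag-stripping substitution from item 1 and the length ceiling from item 3 to Python so the two workarounds can be exercised side by side with an HTML-encoding alternative. The two render_* templates are hypothetical stand-ins for wherever service.cgi echoes the parameter back (the real output markup is not on the page), and the two payloads are constructed for the demonstration. The point it makes is that s/<([^>])*>//g only removes a run that is closed by a ">" and never touches quote characters, so a tag left unterminated (the page's own following markup supplies the ">") or a value that breaks out of an attribute passes through unchanged, while encoding the characters handles both contexts:

```python
import html
import re

# Python port of the Perl substitution s/<([^>])*>//g from item 1; the
# capture group adds nothing, so [^>]* is used directly.
TAG_RE = re.compile(r"<[^>]*>")
MAX_LEN = 500                      # length ceiling suggested in item 3
TAG_START_RE = re.compile(r"<[A-Za-z]")   # opener of an element


def strip_tags(value: str) -> str:
    """Item 1 as posted: delete every <...> run from the parameter."""
    return TAG_RE.sub("", value)


def escape_html(value: str) -> str:
    """Alternative to stripping: encode & < > " ' so the browser treats
    the parameter as text in both element and attribute context."""
    return html.escape(value, quote=True)


def within_limit(value: str, limit: int = MAX_LEN) -> bool:
    """Item 3 as posted: refuse parameters longer than the ceiling."""
    return len(value) <= limit


def sanitize_param(value: str):
    """Combined handling: length ceiling first, then encoding.
    Returns None when the request should be dropped (the CGI exits)."""
    if not within_limit(value):
        return None
    return escape_html(value)


# Hypothetical templates (constructed for this example) standing in for
# the places where service.cgi might echo the 'service' parameter.
def render_text(value: str) -> str:
    return f"<p>Service: {value}</p>"


def render_attr(value: str) -> str:
    return f'<input type="text" name="service" value="{value}">'


def extra_tags(render, value: str) -> int:
    """Element openers in the output beyond the template's own."""
    base = len(TAG_START_RE.findall(render("")))
    return len(TAG_START_RE.findall(render(value))) - base


def extra_quotes(render, value: str) -> int:
    """Double quotes in the output beyond the template's own, i.e. an
    attribute value that has been broken out of."""
    return render(value).count('"') - render("").count('"')


# Constructed payloads.
# 1: no ">" in the value, so TAG_RE never matches; the page's own </p>
#    closes the tag for the attacker.
PAYLOAD_UNTERMINATED = "<img src=x onerror=alert(1)//"
# 2: no "<" at all, so there is nothing to strip; the quote closes the
#    template's value="..." and adds an event handler attribute.
PAYLOAD_ATTR = '" onmouseover="alert(1)'


if __name__ == "__main__":
    for label, payload, render, measure in (
        ("unterminated tag", PAYLOAD_UNTERMINATED, render_text, extra_tags),
        ("attribute breakout", PAYLOAD_ATTR, render_attr, extra_quotes),
    ):
        print(f"{label}:")
        print("  stripped ->", measure(render, strip_tags(payload)),
              "injected;", render(strip_tags(payload)))
        print("  escaped  ->", measure(render, escape_html(payload)),
              "injected;", render(escape_html(payload)))
    print("over limit dropped:", sanitize_param("x" * (MAX_LEN + 1)) is None)
```

The strip does remove the obvious `<script>...</script>` case, which is why it is a reasonable quick fix, but the two constructed inputs show what it misses. In the Perl CGI the encoding alternative is a one-liner too: CGI.pm's `$q->escapeHTML($service)` or `HTML::Entities::encode_entities($service)` in place of the substitution, with the length check kept in front of it.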