From owner-freebsd-bugs@FreeBSD.ORG Sun Sep 28 09:50:06 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3C32C16A4B3 for ; Sun, 28 Sep 2003 09:50:06 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C70A844028 for ; Sun, 28 Sep 2003 09:50:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h8SGo3FY044842 for ; Sun, 28 Sep 2003 09:50:03 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h8SGo3kr044841; Sun, 28 Sep 2003 09:50:03 -0700 (PDT) (envelope-from gnats) Resent-Date: Sun, 28 Sep 2003 09:50:03 -0700 (PDT) Resent-Message-Id: <200309281650.h8SGo3kr044841@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, IIJIMA Hiromitsu Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DC4916A4B3 for ; Sun, 28 Sep 2003 09:46:35 -0700 (PDT) Received: from sodans.usata.org (sodans.usata.org [61.211.239.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 701CC43FEA for ; Sun, 28 Sep 2003 09:46:33 -0700 (PDT) (envelope-from delmonta@sodans.usata.org) Received: by sodans.usata.org (Postfix, from userid 1000) id 9ABC6A97F; Mon, 29 Sep 2003 01:46:32 +0900 (JST) Message-Id: <20030928164632.9ABC6A97F@sodans.usata.org> Date: Mon, 29 Sep 2003 01:46:32 +0900 (JST) From: IIJIMA Hiromitsu To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/57323: CGI.pm in ports/lang/perl5* have a cross-site scripting vulneravility X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: IIJIMA Hiromitsu List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Sep 2003 16:50:06 -0000 >Number: 57323 >Category: bin >Synopsis: CGI.pm in ports/lang/perl5* have a cross-site scripting vulneravility >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Sep 28 09:50:03 PDT 2003 >Closed-Date: >Last-Modified: >Originator: IIJIMA Hiromitsu >Release: FreeBSD 4.7-RELEASE-p3 i386 >Organization: DENNOU GEDOU GAKKAI, N. D. D. http://www.dennougedougakkai-ndd.org >Environment: System: FreeBSD sodans.usata.org 4.7-RELEASE-p3 FreeBSD 4.7-RELEASE-p3 #0: Wed Jan 22 14:50:19 JST 2003 root@www.my.domain:/usr/src/sys/compile/RENTALv6 i386 Userland is upgraded to -p16, while the kernel is still -p3. >Description: A cross-site scripting vulnerability is reported in CGI.pm. All of the following are affected: - 4.x base system's perl 5.005_03 - ports/japanese/perl5 (5.005_03 with Japanese patch) - ports/lang/perl5 (5.6.1) - ports/lang/perl5.8 (5.8.0) I have sent separate PRs for 4.x base system and japanese/perl5. >How-To-Repeat: See the exploit code at: http://marc.theaimsgroup.com/?l=bugtraq&m=105880349328877&w=2 >Fix: Replace CGI.pm with a newer one, or force all users to install ports/www/p5-CGI.pm. >Release-Note: >Audit-Trail: >Unformatted: