Message-ID: <20080710165320.11797.qmail@securityfocus.com>
Date: 10 Jul 2008 16:53:20 -0000
From: mcalautt@...il.com
To: bugtraq@...urityfocus.com
Subject: Re: PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method

What happens when you add a custom 413 page and the test script still says it's vul? Is the script not working?

../bin/httpd -V
Server version: Apache/2.0.54
Server built: Jul 25 2007 17:21:43
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D HTTPD_ROOT="/usr/local/apache2"
 -D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

grep 413 httpd.conf
ErrorDocument 413 /error/413.html

./scan-413.sh localhost
localhost is VULNERABLE!