Pegasi Web Server Multiple Input Validation Vulnerabilities
BID:9847
Info
Pegasi Web Server Multiple Input Validation Vulnerabilities
| Bugtraq ID: | 9847 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 11 2004 12:00AM |
| Updated: | Mar 11 2004 12:00AM |
| Credit: | Discovery is credited to Donato Ferrante <[email protected]>. |
| Vulnerable: |
Pegasi Web Server Pegasi Web Server 0.2.2 |
| Not Vulnerable: |
Pegasi Web Server Pegasi Web Server 0.2.3 |
Discussion
Pegasi Web Server Multiple Input Validation Vulnerabilities
Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scripting attack may make it possible for an attacker to create a malicious link to a vulnerable site that includes hostile HTML and script code. This code may be rendered in the browser of a victim user who visits the malicious link and this will occur in the security context of the site hosting the software. The directory traversal vulnerability may allow a malicious user to request files outside of the web-server root directory with directory traversal strings such as '../'.
Pegasi Web Server version 0.2.2 has been reported to be prone to these issues, however, it is possible that other versions are affected as well.
Multiple vulnerabilities have been identified in the application that may allow a remote attacker to carry out directory traversal and cross-site scripting attacks. A successful cross-site scripting attack may make it possible for an attacker to create a malicious link to a vulnerable site that includes hostile HTML and script code. This code may be rendered in the browser of a victim user who visits the malicious link and this will occur in the security context of the site hosting the software. The directory traversal vulnerability may allow a malicious user to request files outside of the web-server root directory with directory traversal strings such as '../'.
Pegasi Web Server version 0.2.2 has been reported to be prone to these issues, however, it is possible that other versions are affected as well.
Exploit / POC
Pegasi Web Server Multiple Input Validation Vulnerabilities
No exploit is required.
The following proof of concept examples have been provided:
http://www.example.com/../../../../etc/passwd
http://www.example.com/../
http://www.example.com/<script>alert("Test")</script>
No exploit is required.
The following proof of concept examples have been provided:
http://www.example.com/../../../../etc/passwd
http://www.example.com/../
http://www.example.com/<script>alert("Test")</script>
Solution / Fix
Pegasi Web Server Multiple Input Validation Vulnerabilities
Solution:
The vendor has released an update to address the issues described in this BID. Users who are potentially affected are advised to apply this upgrade as soon as possible.
Pegasi Web Server Pegasi Web Server 0.2.2
Solution:
The vendor has released an update to address the issues described in this BID. Users who are potentially affected are advised to apply this upgrade as soon as possible.
Pegasi Web Server Pegasi Web Server 0.2.2
-
Jan De Luyck pws-0.2.3.tar.gz
http://prdownloads.sourceforge.net/pws/pws-0.2.3.tar.gz?download
References
Pegasi Web Server Multiple Input Validation Vulnerabilities
References:
References:
- Product Page (Pegasi Web Server)
- Multiple Vulnerabilities in PWS 0.2.2 ("Donato Ferrante"
- Re: Multiple Vulnerabilities in PWS 0.2.2 (Jan De Luyck