Novell NetWare Perl Handler Cross-Site Scripting Vulnerability
BID:9991
Info
Novell NetWare Perl Handler Cross-Site Scripting Vulnerability
| Bugtraq ID: | 9991 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 24 2004 12:00AM |
| Updated: | Feb 24 2004 12:00AM |
| Credit: | The vendor announced this vulnerability. |
| Vulnerable: |
Novell Netware 6.0 SP3 Novell Netware 6.0 SP2 Novell Netware 6.0 SP1 Novell Netware 6.0 Novell Netware 5.1 SP6 Novell Netware 5.1 SP4 Novell Netware 5.1 SP5 Novell Netware 5.1 Netscape Enterprise Server for NetWare 4/5 5.0 Netscape Enterprise Server for NetWare 4/5 4.1.1 Netscape Enterprise Server for NetWare 4/5 3.0.7 a |
| Not Vulnerable: | |
Discussion
Novell NetWare Perl Handler Cross-Site Scripting Vulnerability
Novell NetWare PERL handler has been reported prone to an undisclosed cross-site scripting vulnerability.
This issue could permit a remote attacker to create a malicious link to a vulnerable web application that was created using PERL, the link may include hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user.
Novell NetWare PERL handler has been reported prone to an undisclosed cross-site scripting vulnerability.
This issue could permit a remote attacker to create a malicious link to a vulnerable web application that was created using PERL, the link may include hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user.
Exploit / POC
Novell NetWare Perl Handler Cross-Site Scripting Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Novell NetWare Perl Handler Cross-Site Scripting Vulnerability
Solution:
A vendor supplied fix, CSP 8 for NetWare 5.1 and CSP 5 for NetWare 6 is pending release; see the referenced advisory (TID10091529) for further details.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
A vendor supplied fix, CSP 8 for NetWare 5.1 and CSP 5 for NetWare 6 is pending release; see the referenced advisory (TID10091529) for further details.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.