Update Protection against Apache mod_proxy_ftp XSS Vulnerability
Check Point Reference: CPAI-2008-222
Date Published:
Severity:
Source: Secunia Advisory: SA31384
Industry Reference(s): CVE-2008-2939, US-CERT VU#663763
Protection Provided by: IPS-1

Who is Vulnerable?
Apache 2.0.x
Apache 2.2.x

Vulnerability Description
The Apache web server mod_proxy_ftp module is prone to a cross-site scripting (XSS) vulnerability. The mod_proxy_ftp module allows the Apache web server to act as a proxy for FTP sites. By sending a crafted URL to the module, an attacker can execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

Update/Patch Available
Apache has released updates to address this issue:
http://svn.apache.org/viewvc?view=rev&revision=682868
http://svn.apache.org/viewvc?view=rev&revision=682870
http://svn.apache.org/viewvc?view=rev&revision=682871

Vulnerability Details
The vulnerability occurs because the mod_proxy_ftp module does not properly sanitize input passed to it via a URL containing an FTP wildcard character (e.g. "*"). This can be exploited to conduct cross-site scripting attacks.
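
A log check for the request pattern described above, as an added example that is not part of the original advisory and is not Check Point or Apache code: it flags proxied ftp:// requests whose URL contains both a wildcard and HTML markup characters after percent-decoding. The access-log format, the sample lines and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumed log format: common/combined access log with the absolute proxy URL
# in the request line, e.g. "GET ftp://host/path HTTP/1.1".
REQUEST_RE = re.compile(r'"(?:GET|HEAD) (ftp://\S+) HTTP/[\d.]+"', re.IGNORECASE)
WILDCARDS = "*"      # the advisory names "*"; extend if other glob characters matter
MARKUP = "<>\"'"     # characters that let a reflected path break into HTML

def fully_decode(text, rounds=3):
    """Percent-decode repeatedly so double-encoded input (%253C) is also seen."""
    for _ in range(rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def is_suspicious(url):
    """True when an ftp:// URL carries a wildcard together with markup characters."""
    rest = fully_decode(url[len("ftp://"):])
    return any(c in rest for c in WILDCARDS) and any(c in rest for c in MARKUP)

def scan(lines):
    """Return (line_number, decoded_url) for every flagged request."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if match and is_suspicious(match.group(1)):
            hits.append((number, fully_decode(match.group(1))))
    return hits

# Constructed sample log lines (not taken from any real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Sep/2008:10:00:00 +0000] "GET ftp://ftp.example.org/pub/*.tar.gz HTTP/1.1" 200 5120',
    '192.0.2.11 - - [01/Sep/2008:10:00:05 +0000] "GET ftp://ftp.example.org/pub/*%3Cem%3Ex HTTP/1.1" 200 734',
    '192.0.2.12 - - [01/Sep/2008:10:00:09 +0000] "GET ftp://ftp.example.org/pub/%2A%253Cem%253E HTTP/1.1" 200 734',
    '192.0.2.13 - - [01/Sep/2008:10:00:12 +0000] "GET http://www.example.org/index.html HTTP/1.1" 200 1024',
    '192.0.2.14 - - [01/Sep/2008:10:00:15 +0000] "GET ftp://ftp.example.org/pub/readme.txt HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for number, url in scan(SAMPLE_LOG):
        print(f"line {number}: wildcard plus markup in proxied FTP URL: {url}")
```

A plain wildcard listing such as `*.tar.gz` is not flagged; only the combination of a wildcard with markup characters is, which keeps ordinary FTP globbing out of the results.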
Protection Overview
This protection will block FTP file listings containing JavaScript tags.
To configure the defense, select your product from the list below and follow the related protection steps.