Hi.

I think now we can classify this as a flaw in Apache. It accepts requests that simply make no sense. Take a look at this example:

    <script>alert(document.cookie);</script> /test.php <script>alert(document.cookie);</script>

In some circumstances it may cause an XSS vulnerability:

    <?php
    echo $_SERVER['REQUEST_METHOD'];
    echo $_SERVER['SERVER_PROTOCOL'];
    ?>

I am now investigating other possible attacks.

Regards,
Michal Majchrowicz.
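A hardened counterpart to the PHP snippet in the message above, as an added example that is not part of the original post: it allow-lists the method, checks the protocol's form, and HTML-escapes on output. The function names and the sample arrays are hypothetical and constructed for illustration, assuming the request-line values reach `$_SERVER` as the post describes.

```php
<?php
// Added example, not code from the original post. Helper names are hypothetical.

const ALLOWED_METHODS = ['GET', 'HEAD', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'PATCH'];

// Return the method only if it is on the allow-list; otherwise null.
function safe_request_method(array $server): ?string
{
    $method = $server['REQUEST_METHOD'] ?? '';
    return in_array($method, ALLOWED_METHODS, true) ? $method : null;
}

// Return the protocol only if it has the strict HTTP/<digit>[.<digit>] form.
function safe_server_protocol(array $server): ?string
{
    $proto = $server['SERVER_PROTOCOL'] ?? '';
    return preg_match('/\AHTTP\/\d(\.\d)?\z/', $proto) === 1 ? $proto : null;
}

// Escape for an HTML text context; applied even to values that passed validation.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs: the values from the post's request line, then a normal request.
$samples = [
    ['REQUEST_METHOD'  => '<script>alert(document.cookie);</script>',
     'SERVER_PROTOCOL' => '<script>alert(document.cookie);</script>'],
    ['REQUEST_METHOD'  => 'GET', 'SERVER_PROTOCOL' => 'HTTP/1.1'],
];

foreach ($samples as $server) {
    $method = safe_request_method($server);
    $proto  = safe_server_protocol($server);
    if ($method === null || $proto === null) {
        // In a real handler: send a 400 response and log only the escaped value.
        echo 'rejected: ', h($server['REQUEST_METHOD']), "\n";
        continue;
    }
    echo h($method), ' ', h($proto), "\n";
}
```

Validation and escaping are kept separate on purpose: the allow-list decides whether the request is served at all, while `h()` keeps any value that is echoed inert in the page.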
This archive was generated by hypermail 2.1.3 : Tue Apr 24 2007 - 12:33:33 PDT