OSV: DLA-68-1

fex - security update

Published: 2014-09-30 00:00:00
Source: Google (osv.dev)

CVSS3: 6.1 Medium
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: REQUIRED
  Scope: CHANGED
  Confidentiality Impact: LOW
  Integrity Impact: LOW
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS2: 4.3 Medium
  Access Vector: NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: NONE
  Integrity Impact: PARTIAL
  Availability Impact: NONE
  Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

When encoded newline characters are inserted into a request to rup,
additional HTTP headers can be injected into the reply, as well as
new HTML code at the top of the page.

  • [CVE-2014-3876]
    The parameter akey is reflected unfiltered as part of the HTML
    page. Some characters are forbidden in the GET parameter due
    to filtering of the URL, but this can be circumvented by using
    a POST parameter.
    Nevertheless, this issue is exploitable via the GET parameter
    alone, with some user interaction.
  • [CVE-2014-3877]
    The parameter addto is reflected back to the user only lightly
    filtered as part of the HTML page. Some characters are forbidden
    in the GET parameter due to filtering of the URL, but this can
    be circumvented by using a POST parameter. Nevertheless, this
    issue is exploitable via the GET parameter alone, with some user
    interaction.

For Debian 6 Squeeze, these issues have been fixed in fex version 20100208+debian1-1+squeeze4.
