Package : man2hhtml
Vulnerability : missing input sanitization
Problem type : remote
Debian-specific: yes
CVE ID : CVE-2011-2770
Tim Starling discovered that the Debian-native CGI wrapper for man2html,
a program to convert UNIX man pages to HTML, is not properly escaping
user-supplied input when displaying various error messages. A remote
attacker can exploit this flaw to conduct cross-site scripting (XSS)
attacks.
For the oldstable distribution (lenny), this problem has been fixed in
version 1.6f-3+lenny1.
For the stable distribution (squeeze), this problem has been fixed in
version 1.6f+repack-1+squeeze1.
For the testing distribution (wheezy), this problem has been fixed in
version 1.6g-6.
For the unstable distribution (sid), this problem has been fixed in
version 1.6g-6.
We recommend that you upgrade your man2html packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
{"id": "SECURITYVULNS:DOC:27295", "bulletinFamily": "software", "title": "[SECURITY] [DSA 2335-1] man2html security update", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2335-1 security@debian.org\r\nhttp://www.debian.org/security/ Nico Golde\r\nNovember 5th, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : man2hhtml\r\nVulnerability : missing input sanitization\r\nProblem type : remote\r\nDebian-specific: yes\r\nCVE ID : CVE-2011-2770\r\n\r\nTim Starling discovered that the Debian-native CGI wrapper for man2html,\r\na program to convert UNIX man pages to HTML, is not properly escaping\r\nuser-supplied input when displaying various error messages. A remote\r\nattacker can exploit this flaw to conduct cross-site scripting (XSS)\r\nattacks.\r\n\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 1.6f-3+lenny1.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1.6f+repack-1+squeeze1.\r\n\r\nFor the testing distribution (wheezy), this problem has been fixed in\r\nversion 1.6g-6.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.6g-6.\r\n\r\nWe recommend that you upgrade your man2html packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niEYEARECAAYFAk61lj8ACgkQHYflSXNkfP9h8ACfVZgiCyw+9aiZ/6EucayfNZ8/\r\nreAAoITXWlLvKZkHbF9WbdBk1a3j2q+L\r\n=8mxe\r\n-----END PGP SIGNATURE-----\r\n", "published": "2011-11-11T00:00:00", "modified": "2011-11-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27295", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2011-2770"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:42", "edition": 1, "viewCount": 6, "enchantments": {"score": {"value": 5.3, "vector": "NONE"}, "dependencies": {}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2011-2770"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2770"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2335.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2770"]}]}, "exploitation": null, "vulnersScore": 5.3}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645246146}}
{"nessus": [{"lastseen": "2021-08-19T12:59:37", "description": "Tim Starling discovered that the Debian-native CGI wrapper for man2html, a program to convert UNIX man pages to HTML, is not properly escaping user-supplied input when displaying various error messages. A remote attacker can exploit this flaw to conduct cross-site scripting (XSS) attacks.", "cvss3": {"score": null, "vector": null}, "published": "2011-11-07T00:00:00", "type": "nessus", "title": "Debian DSA-2335-1 : man2html - missing input sanitization", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2770"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:man2html", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2335.NASL", "href": "https://www.tenable.com/plugins/nessus/56715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2335. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56715);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2770\");\n script_bugtraq_id(50566);\n script_xref(name:\"DSA\", value:\"2335\");\n\n script_name(english:\"Debian DSA-2335-1 : man2html - missing input sanitization\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Tim Starling discovered that the Debian-native CGI wrapper for\nman2html, a program to convert UNIX man pages to HTML, is not properly\nescaping user-supplied input when displaying various error messages. A\nremote attacker can exploit this flaw to conduct cross-site scripting\n(XSS) attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/man2html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2335\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the man2html packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.6f-3+lenny1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.6f+repack-1+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:man2html\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"man2html\", reference:\"1.6f-3+lenny1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"man2html\", reference:\"1.6f+repack-1+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "securityvulns": [{"lastseen": "2021-06-08T18:46:17", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2011-11-11T00:00:00", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-2770"], "modified": "2011-11-11T00:00:00", "id": "SECURITYVULNS:VULN:12029", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12029", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:56:05", "description": "Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6,\nand possibly other version, allows remote attackers to inject arbitrary web\nscript or HTML via unspecified vectors related to error messages.", "cvss3": {}, "published": "2011-11-17T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2770", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2770"], "modified": "2011-11-17T00:00:00", "id": "UB:CVE-2011-2770", "href": "https://ubuntu.com/security/CVE-2011-2770", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "debian": [{"lastseen": "2021-10-22T00:10:44", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2335-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nNovember 5th, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : man2hhtml\nVulnerability : missing input sanitization\nProblem type : remote\nDebian-specific: yes\nCVE ID : CVE-2011-2770\n\nTim Starling discovered that the Debian-native CGI wrapper for man2html,\na program to convert UNIX man pages to HTML, is not properly escaping\nuser-supplied input when displaying various error messages. A remote\nattacker can exploit this flaw to conduct cross-site scripting (XSS)\nattacks.\n\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 1.6f-3+lenny1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.6f+repack-1+squeeze1.\n\nFor the testing distribution (wheezy), this problem has been fixed in\nversion 1.6g-6.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.6g-6.\n\nWe recommend that you upgrade your man2html packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2011-11-05T20:02:07", "type": "debian", "title": "[SECURITY] [DSA 2335-1] man2html security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2770"], "modified": "2011-11-05T20:02:07", "id": "DEBIAN:DSA-2335-1:1E207", "href": "https://lists.debian.org/debian-security-announce/2011/msg00212.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:15:53", "description": "Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages.", "cvss3": {}, "published": "2011-11-17T19:55:00", "type": "cve", "title": "CVE-2011-2770", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2770"], "modified": "2011-11-21T05:00:00", "cpe": ["cpe:/a:robert_luberda:man2html:1.6"], "id": "CVE-2011-2770", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2770", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:robert_luberda:man2html:1.6:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2021-12-14T17:50:31", "description": "Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to error messages.", "cvss3": {}, "published": "2011-11-17T19:55:00", "type": "debiancve", "title": "CVE-2011-2770", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2770"], "modified": "2011-11-17T19:55:00", "id": "DEBIANCVE:CVE-2011-2770", "href": "https://security-tracker.debian.org/tracker/CVE-2011-2770", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}
