version 4.2 is NOT affected, please alter it in advisory http://secunia.com/advisories/28726/ and others. Vendor fix this flaw in cvs on 10.10.2007. http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/bgplg/bgplg.c Updated version OpenBSD 4.2 which was released Nov 1, 2007 is NOT vulnerable. > [#DSECRG-08-007] Digital Security Research Group [DSecRG] Advisory > Application: OpenBSD BGPD daemon > Versions Affected: OpenBSD 4.1 > Vendor URL: http://openbsd.org > Bugs: XSS > Exploits: YES > Reported: 10.10.2007 > Vendor response: 10.10.2007 > Date of Public Advisory: 31.01.2008 > Authors: Alexandr Polyakov, Anton Karpov > Digital Security Research Group > [DSecRG] (research [at] dsec [dot] ru) > Description > *********** > OpenBSD BGPD daemon Web Interface has XSS vulnerability > History > ******** > http://www.mail-archive.com/misc@xxxxxxxxxxx/msg49057.html > Details > ******* > Linked XSS vulnerability found in script /cgi-bin/bgplg attacker can inject XSS in parameter cmd > Example: > http://[server]/cgi-bin/bgplg?cmd=shov+version<script>alert('DSecRG XSS')</script> > Fix Information > *************** > Vendor fix this flaw in cvs on 10.10.2007. Updated > version OpenBSD 4.2 which was released Nov 1, 2007. can be downloaded here: > http://openbsd.org > About > ***** > Digital Security is leading IT security company in Russia, > providing information security consulting, audit and penetration > testing services, risk analysis and ISMS-related services and > certification for ISO/IEC 27001:2005 and PCI DSS standards. Digital > Security Research Group focuses on web application and database > security problems with vulnerability reports, advisories and > whitepapers posted regularly on our website. > Contact: research [at] dsec [dot] ru > http://www.dsec.ru (in Russian) -- С уважением, Digital Security Research Group mailto:alexandr.polyakov@xxxxxxx
