SCO Information for VU#246409

CGI.pm vulnerable to Cross-site Scripting

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : Perl cross-site scripting vulnerability.
Advisory number: CSSA-2003-SCO.30
Issue date: 2003 November 06
Cross reference: sr883606 fz528215 erg712409
______________________________________________________________________________



1. Problem Description

Perl is a high-level interpreted programming language well
known for its flexibility and ability to work with text
streams.


Obscure^ (obscure@eyeonsecurity.org) reported a cross site
scripting vulnerability in the CGI.pm perl module. This
module is used to facilitate the creation of web forms and
is part of the perl-modules RPM package.



2. Vulnerable Supported Versions

System Binaries
----------------------------------------------------------------------
OpenServer 5.0.7 Perl distribution
OpenServer 5.0.6 Perl distribution
OpenServer 5.0.5 Perl distribution



3. Solution

The proper solution is to install the latest packages.


4. OpenServer 5.0.7

4.1 First install Maintenance Pack 1

ftp://ftp.sco.com/pub/openserver5/507/osr507mp/


4.2 Next install gxwlibs

ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.29

4.2 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.30

4.3 Verification

MD5 (VOL.000.000) = af4167c4c52e3af6dcc94289807b008e
MD5 (VOL.000.001) = 2129b31fbde991c7ecdba826de8fc4b1
MD5 (VOL.000.002) = a6ee80a4f937f985dbe4eb247e98d350
MD5 (VOL.000.003) = b84437579b43fa8cc57ff8936490543d


md5 is available for download from
ftp://ftp.sco.com/pub/security/tools



4.4 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download the VOL* files to the /tmp directory

2) Run the custom command, specify an install from media
images, and specify the /tmp directory as the location of
the images.



5. OpenServer 5.0.6 / OpenServer 5.0.5

5.1 First install OSS646B - Execution Environment Supplement

ftp://ftp.sco.com/pub/openserver5/oss646b


5.2 Next install gwxlibs

ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.29

5.3 Location of Fixed Binaries

ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.30

5.4 Verification

MD5 (VOL.000.000) = af4167c4c52e3af6dcc94289807b008e
MD5 (VOL.000.001) = 2129b31fbde991c7ecdba826de8fc4b1
MD5 (VOL.000.002) = a6ee80a4f937f985dbe4eb247e98d350
MD5 (VOL.000.003) = b84437579b43fa8cc57ff8936490543d


md5 is available for download from
ftp://ftp.sco.com/pub/security/tools



5.5 Installing Fixed Binaries

Upgrade the affected binaries with the following sequence:

1) Download the VOL* files to the /tmp directory

2) Run the custom command, specify an install from media
images, and specify the /tmp directory as the location of
the images.




6. References

Specific references for this advisory:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0615
http://marc.theaimsgroup.com/?l=bugtraq&m=105880349328877&w=2
http://eyeonsecurity.org/advisories/CGI.pm/adv.html


SCO security resources:
http://www.sco.com/support/security/index.html


This security fix closes SCO incidents sr883606 fz528215
erg712409.



7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers
intended to promote secure installation and use of SCO
products.


8. Acknowledgments

SCO would like to thank Obscure^ for reporting this issue.
______________________________________________________________________________


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (SCO/UNIX_SVR5)


iD8DBQE/qve+aqoBO7ipriERAqUtAJ9MBKogbCSdqJ8UrBA6YDmu2dXosQCgiaI9
LzUtvWmI6sIIeitugMgsyRg=
=2/ex
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.