Note: The red stoplight on this page indicates the highest possible severity level for this category of vulnerabilities. To determine the severity level in this instance, refer to the colored dot beside the link to this tutorial on the previous page.
12/12/02
CAN 2002-1361
The overflow.cgi script, which is included
with the Cobalt RaQ 4 Security Hardening Package, contains
a remotely exploitable buffer overflow condition in the
processing of the email parameter. An
attacker could execute arbitrary commands by sending
specially crafted POST commands.
3/6/02
CAN 2002-0347
By requesting a web address containing the dot-dot-slash
(../) sequence, it is possible for a remote
attacker to view files under the web root that would
otherwise not be readable, such as .htaccess
files.
3/6/02
CAN 2002-0346
Two CGI scripts, alert.cgi and service.cgi,
do not properly handle malformed parameters containing script tags.
A malicious web site could induce visitors to run arbitrary
scripts on their workstations by setting up a specially crafted
link to the vulnerable CGIs. Although cross-site scripting
does not result in a compromise of the vulnerable server itself,
it is undesirable because it facilitates an attack on other
machines.
3/6/02
CAN 2002-0348
Two CGI scripts, alert.cgi and service.cgi,
do not properly handle very long input parameters. A remote attacker
could crash the service, requiring an administrator to manually
restart it.
For the directory traversal problem, a workaround is to create the file /usr/admserv/html/.htaccess containing the following text:
<Files .htaccess>
Order allow,deny
Deny from all
</Files>
Note that this workaround only prevents access to .htaccess files. If there are other known sensitive files that should not be readable, they also need to be protected in a similar manner.
The other three vulnerabilities were posted to Bugtraq.
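An added example, not part of the original advisory: a log check that shows the limit of the workaround above by separating dot-dot-slash requests that were blocked from ones that were still served. The Common Log Format layout, the sample log lines and the file name private.conf are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request and status fields of a Common Log Format line (assumed log format).
LOG_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

def classify(line):
    """Return (decoded_path, status, verdict) for a ../ request, else None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    path, status = m.group(1).split("?", 1)[0], int(m.group(2))
    # Decode repeatedly so %2e%2e and double-encoded forms are normalised.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    segments = path.replace("\\", "/").split("/")
    if ".." not in segments:
        return None
    if not 200 <= status < 300:
        verdict = "blocked"
    elif segments[-1] == ".htaccess":
        verdict = "served: workaround missing or ineffective"
    else:
        verdict = "served: file not covered by the .htaccess-only rule"
    return path, status, verdict

def scan(lines):
    """Classify every line and keep only the traversal requests."""
    return [r for r in map(classify, lines) if r]

# Constructed sample lines (documentation address range, hypothetical paths).
SAMPLE = [
    '192.0.2.10 - - [06/Mar/2002:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.10 - - [06/Mar/2002:10:00:05 +0000] "GET /images/../.htaccess HTTP/1.0" 403 210',
    '192.0.2.10 - - [06/Mar/2002:10:00:09 +0000] "GET /images/%2e%2e/private.conf HTTP/1.0" 200 512',
    '192.0.2.11 - - [06/Mar/2002:10:02:30 +0000] "GET /docs/../.htaccess HTTP/1.0" 200 87',
]

if __name__ == "__main__":
    for path, status, verdict in scan(SAMPLE):
        print(f"{status} {path:<28} {verdict}")
```

Any line reported as served identifies either a missing .htaccess rule or a sensitive file that needs its own Files block.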