Vigil@nce: Apache mod_perl, Cross Site Scripting
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use the Status feature of mod_perl in order to
create a Cross Site Scripting.
Severity: 1/4
Consequences: client access/rights
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: low (1/3)
Creation date: 07/04/2009
IMPACTED PRODUCTS
– Apache httpd
DESCRIPTION OF THE VULNERABILITY
The mod_perl module can be installed on Apache httpd version 1 or
2 in order to handle scripts written in Perl language.
The Apache::Status or Apache2::Status feature, which is reachable
via the "/perl-status" url, displays information about the Perl
module. This feature is generally disabled.
The Status feature generates an HTML page containing the uri given
by the user. However, this uri is not filtered before being
displayed.
An attacker can therefore use the Status feature of mod_perl in
order to create a Cross Site Scripting.
CHARACTERISTICS
Identifiers: BID-34383, CVE-2009-0796, ERR-2009-0795,
VIGILANCE-VUL-8604
http://vigilance.fr/vulnerability/Apache-mod-perl-Cross-Site-Scripting-8604