AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service

2007.11.15

Credit: L4teral

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2007-5983 | CVE-2007-5984

CWE: CWE-79

======================================================================
AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service
======================================================================
Author: L4teral <l4teral [4t] gmail com>
Impact: Cross Site Scripting
Denial of Service (DoS)
Status: patch available
------------------------------
Affected software description:
------------------------------
Application: AutoIndex
Version: <= 2.2.2/2.2.3
Vendor: http://autoindex.sourceforge.net
--------------
Vulnerability:
--------------
1.
The variable $_SERVER['PHP_SELF'] is not properly sanitized
leading to cross site scripting.
2.
The use of unsanitized user input causes an error in the recursive
calculation of the size of a directory leading to cpu time/memory
consumption until the process gets killed.
------------
PoC/Exploit:
------------
1.
http://<host>/AutoIndex/index.php/"><script>alert(document.cookie)</scri
pt>
2.
http://<host>/AutoIndex/index.php?dir=%00
---------
Solution:
---------
update to version 2.2.4.
---------
Timeline:
---------
2007-11-05 - vendor informed
2007-11-05 - vendor released version 2.2.3 (fixing XSS)
2007-11-09 - vendor released version 2.2.4 (fixing DoS)
2007-11-12 - public disclosure

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

AutoIndex <= 2.2.2 Cross Site Scripting and Denial of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.