Ubuntu
gnatsweb package

[gnatsweb] [CVE-2007-2808] cross-site scripting vulnerability

Bug #191196 reported by disabled.user on 2008-02-12

256

Affects		Status	Importance	Assigned to	Milestone
	gnatsweb (Debian)	Fix Released	Unknown	debbugs #427156
	gnatsweb (Ubuntu)	Invalid	Low	Kees Cook
	Dapper	Fix Released	Low	Emanuele Gentili
	Edgy	Fix Released	Low	Emanuele Gentili
	Feisty	Fix Released	Low	Emanuele Gentili

Bug Description

Binary package hint: gnatsweb

References:
DSA-1486-1 (http://www.debian.org/security/2008/dsa-1486)

Quoting:
"'r0t' discovered that gnatsweb, a web interface to GNU GNATS, did not
correctly sanitize the database parameter in the main CGI script. This
could allow the injection of arbitrary HTML, or javascript code."

Related branches

lp:ubuntu/dapper-security/gnatsweb

lp:ubuntu/edgy-updates/gnatsweb

lp:ubuntu/feisty-updates/gnatsweb

CVE References

2007-2808

Bug Watch Updater (bug-watch-updater) on 2008-02-12

Changed in gnatsweb:
status:	Unknown → Fix Released

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-02-29:

#1

dapper_gnatsweb_4.00-1ubuntu0.6.06.debdiff Edit (2.6 KiB, text/plain)

Changed in gnatsweb:
assignee:	nobody → emgent
importance:	Undecided → Low
status:	New → In Progress

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-02-29:

#2

edgy_gnatsweb_4.00-1ubuntu0.6.10.debdiff Edit (2.6 KiB, text/plain)

same version (4.00-1) in edgy, but patch attached.

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-02-29:

#3

dapper_gnatsweb_4.00-1ubuntu0.6.06.debdiff Edit (2.6 KiB, text/plain)

corrected patch for dapper (fixed changelog comment in edgy too).

Revision history for this message

Emanuele Gentili (emgent) wrote on 2008-02-29:

#4

feisty_gnatsweb_4.00-1ubuntu0.7.04.debdiff Edit (2.6 KiB, text/plain)

same version (4.00-1) in edgy/dapper, but patch attached.

Revision history for this message

Kees Cook (kees) wrote on 2008-03-03:

#5

Already fixed in Gutsy/Hardy.

Changed in gnatsweb:
assignee:	emgent → keescook
status:	In Progress → Invalid
assignee:	nobody → emgent
importance:	Undecided → Low
status:	New → Fix Committed
assignee:	nobody → emgent
importance:	Undecided → Low
status:	New → Fix Committed
assignee:	nobody → emgent
importance:	Undecided → Low
status:	New → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-03-04:

#6

This bug was fixed in the package gnatsweb - 4.00-1ubuntu0.7.04

---------------
gnatsweb (4.00-1ubuntu0.7.04) feisty-security; urgency=low

  * SECURITY UPDATE:
   + gnatsweb.pl (LP: #191196)
    - Fixed missing escaping of the database parameter which leads
      to a cross-site scripting vulnerability (XSS) via this
      parameter (CVE-2007-2808).
   + debian/control
    - Switch Maintainer to Ubuntu MOTU Developers
  * References:
   + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2808
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427156

-- Emanuele Gentili <email address hidden> Fri, 29 Feb 2008 03:40:07 +0100

Changed in gnatsweb:
status:	Fix Committed → Fix Released

Kees Cook (kees) on 2008-03-07

Changed in gnatsweb:
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Patches

Add patch

Remote bug watches

debbugs #427156
[done important patch security] Edit

Bug watches keep track of this bug in other bug trackers.