Full-text search engine Namazu 2.0.14 released
Versions 2.0.13 and older have a cross-site scripting vulnerability in
namazu.cgi.
It affects all sites using namazu.cgi 2.0.13 or older, and it
can be used to exploit HTTP cookies and/or alter web contents.
The vulnerability was reported to the Information-technology Promotion
Agency (IPA) by a discoverer. The Namazu Project received the issue from
the JPCERT Coordination Center (JPCERT/CC) and fixed it.
Overview of Changes in Namazu 2.0.14 - Dec 15, 2004
* Fix a cross-site scripting vulnerability.
(Triggered when a query that begins with a tab (%09) is specified.)
Workaround for 2.0.13 and earlier:
1. Move namazu.cgi and .namazurc to a location that cannot be accessed
over HTTP. The scripts below assume you moved them to /usr/local/lib.
2. Create the script below, named namazu.cgi, and grant it execute permission.
2.1. sh script
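#!/bin/sh
# Replace "y=%09" with "y=%20" so the query no longer begins with a tab,
# then hand the request to the real namazu.cgi.
QUERY_STRING=`echo "$QUERY_STRING" | sed -e 's/y=%09/y=%20/g'`
export QUERY_STRING
/usr/local/lib/namazu.cgi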
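2.2. perl script
#!/usr/bin/perl
# Replace "y=%09" with "y=%20" so the query no longer begins with a tab,
# then hand the request to the real namazu.cgi.
$ENV{QUERY_STRING}=~s/y=%09/y=%20/g;
system("/usr/local/lib/namazu.cgi");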
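To check whether such requests have already reached the server, the following added example (not part of the original announcement or the Namazu Project's code) scans an access log for namazu.cgi requests containing the same "y=%09" sequence that the wrapper above rewrites. It assumes Apache common/combined log format; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report access-log requests to namazu.cgi whose query
# string contains the "y=%09" sequence that the wrapper script rewrites.
# Assumption: Apache common/combined log format, where the request line
# is the first double-quoted field.

find_tab_queries() {
    # $1: path to an access log. Prints "client<TAB>request-target" per hit.
    awk -F'"' '
    {
        split($1, pre, " ")           # pre[1] = client address
        n = split($2, req, " ")       # req[2] = request target
        if (n < 2) next
        target = req[2]
        q = index(target, "?")
        if (q == 0) next              # no query string at all
        path  = substr(target, 1, q - 1)
        query = substr(target, q + 1)
        if (path !~ /namazu\.cgi$/) next
        if (index(query, "y=%09") > 0)
            printf "%s\t%s\n", pre[1], target
    }' "$1"
}

# Constructed sample log (documentation addresses), not real traffic.
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [15/Dec/2004:10:00:01 +0900] "GET /cgi-bin/namazu.cgi?query=linux&max=20 HTTP/1.0" 200 5120
198.51.100.7 - - [15/Dec/2004:10:00:09 +0900] "GET /cgi-bin/namazu.cgi?query=%09test HTTP/1.0" 200 2048
192.0.2.11 - - [15/Dec/2004:10:00:15 +0900] "GET /cgi-bin/namazu.cgi?query=a%09b HTTP/1.0" 200 4096
203.0.113.5 - - [15/Dec/2004:10:00:20 +0900] "GET /index.html?y=%09 HTTP/1.0" 200 512
EOF
}

# Run against a real log when a path is given on the command line.
if [ "$#" -gt 0 ]; then
    find_tab_queries "$1"
fi
```

Only the second sample line is reported: the third has a tab in the middle of the query rather than directly after "y=", and the fourth is not a request to namazu.cgi.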
See also:
JVN#904429FE
Cross-Site Scripting vulnerability in Namazu
http://jvn.jp/jp/JVN%23904429FE.html (written in Japanese)
The problem that occurs when a query begins with a tab (%09)
http://www.namazu.org/security.html.en#cross-site-scripting
You can get Namazu 2.0.14 from http://www.namazu.org/