View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000158 | Main CAcert Website | source code | public | 2006-03-05 22:40 | 2013-11-20 22:23 |
| Reporter | aanriot | Assigned To | |||
| Priority | high | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2006 | ||||
| Summary | 0000158: Inserting text into the CAcert website | ||||
| Description | It is possible to inject text into the CAcert website using index/18.php: https://www.cacert.org/index.php?id=18&message=Do%20not%20trust%20your%20eyes! Using a specially crafted URL an attacker may be able to spoof a site like https://www.cacert.org/index.php?id=3 As the domain part of the URL and the ssl-cert is valid normal users have no reason to be suspicious. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
|
|
changed 17.php to send id numbers instead of strings, and updated 18.php to the following; <? $errmsg = _("The CAcert root certificate was successfully installed"); if($_REQUEST['errid'] == 1) $errmsg = _("Can't start the CEnroll control:").' '.substr(striptags($_REQUEST['hex']), 0, 5); if($_REQUEST['errid'] == 2) $errmsg = _("Problems were detected with the CAcert root certificate download error:").' '.substr(striptags($_REQUEST['hex']), 0, 5); ?> <?=$errmsg?> |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2006-03-05 22:40 |
|
New Issue | |
| 2006-04-21 19:23 |
|
Relationship added | duplicate of 0000065 |
| 2006-04-21 19:24 |
|
Priority | normal => high |
| 2006-04-21 19:24 |
|
View Status | public => private |
| 2006-08-14 02:15 | duane | Status | new => solved? |
| 2006-08-14 02:15 | duane | Fixed in Version | => production |
| 2006-08-14 02:15 | duane | Resolution | open => fixed |
| 2006-08-14 02:15 | duane | Assigned To | => duane |
| 2006-08-14 02:15 | duane | Note Added: 0000392 | |
| 2007-10-24 06:20 | evaldo | Reporter | bluec => aanriot |
| 2007-10-24 06:20 | evaldo | Assigned To | duane => |
| 2007-10-24 06:20 | evaldo | Status | solved? => closed |
| 2013-01-14 01:23 | Werner Dworak | Fixed in Version | => 2006 |
| 2013-11-20 22:23 | NEOatNHNG | View Status | private => public |
