-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Nth Dimension Security Advisory (NDSA20060705)
Date: 5th July 2006
Author: Tim Brown
URL: /
Product: IPCalc 0.40
Vendor: Krischan Jodies
Risk: Low

Summary

The IPCalc CGI wrapper is vulnerable to JavaScript injection within the request URL.

Technical Details

The value of the requested URL is used within the web pages returned by the IPCalc CGI wrapper script, in its unsanitised form:

$ grep -n actionurl ipcalc
45:$actionurl = $ENV{'REQUEST_URI'};
46:$actionurl =~ s/&/&amp;/g;
284:

Potential intruders could use this to execute malicious code on visitors' computers.

Solutions

In order to completely protect against the vulnerability (in the short term), Nth Dimension recommend disabling the IPCalc CGI wrapper.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFErfNvVAlO5exu9x8RAn0dAJ9LCbPdyMCpdujlZzXwm7rJOqIxiACgwDLE
3WXYaqKSKZl+kv8Gh6XEoQE=
=audk
-----END PGP SIGNATURE-----
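
The escaping applied to $actionurl in the grep output compared with escaping suited to HTML output, as an added example that is not part of the advisory or of ipcalc itself. The request URI, the form markup and the helper names are constructed, and placing the value in a form's action attribute is an assumption, since the advisory does not show line 284.

```perl
#!/usr/bin/perl
# Added example, not ipcalc's own code. The sample REQUEST_URI and the
# <form> markup are constructed; where ipcalc emits $actionurl is assumed.
use strict;
use warnings;

# Escaping as shown in the advisory: only '&' is rewritten.
sub escape_amp_only {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    return $s;
}

# Hardened form: escape every character that can end an attribute value
# or open a tag. '&' must go first so later entities are not re-escaped.
sub escape_html_attr {
    my ($s) = @_;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    $s =~ s/'/&#39;/g;
    return $s;
}

# True if the rendered tag still contains markup that came from the URL.
sub breaks_out {
    my ($html) = @_;
    return $html =~ /<i>marker<\/i>/ ? 1 : 0;
}

# Constructed request: a harmless marker after a quote and '>'.
my $request_uri = '/cgi-bin/ipcalc?host=192.168.0.1&mask1=24"><i>marker</i>';

for my $case (['amp only', \&escape_amp_only], ['full', \&escape_html_attr]) {
    my ($name, $escape) = @$case;
    my $tag = '<form action="' . $escape->($request_uri) . '" method="get">';
    printf "%-8s breaks out: %s\n  %s\n", $name,
        breaks_out($tag) ? 'yes' : 'no', $tag;
}
```

With only '&' escaped, the quote and angle brackets from the URL reach the page as markup; with the full set escaped they are rendered as inert text inside the attribute value.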