From: Tom C. <tom...@us...> - 2009-02-06 05:30:10
Update of /cvsroot/qmailadmin/qmailadmin
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv25164
Modified Files:
Tag: stable-1_2
ChangeLog template.c
Log Message:
fix for XSS hole in template.c
Index: template.c
===================================================================
RCS file: /cvsroot/qmailadmin/qmailadmin/template.c,v
retrieving revision 1.7.2.16
retrieving revision 1.7.2.17
diff -u -d -r1.7.2.16 -r1.7.2.17
--- template.c 8 Jan 2008 04:45:01 -0000 1.7.2.16
+++ template.c 6 Feb 2009 05:30:05 -0000 1.7.2.17
@@ -272,7 +272,7 @@
 /* show returnhttp (from TmpCGI) */
 case 'H':
 GetValue (TmpCGI, value, "returnhttp=", sizeof(value));
- printh ("%H", value);
+ printh ("%C", value);
 break;
 
 /* show the counts */
@@ -456,7 +456,7 @@
 GetValue (TmpCGI, value, "returntext=", sizeof(value));
 GetValue (TmpCGI, value2, "returnhttp=", sizeof(value2));
 if (*value != '\0') {
- printh ("<A HREF=\"%s\">%H</A>", value2, value);
+ printh ("<A HREF=\"%C\">%H</A>", value2, value);
 }
 break;
 
@@ -620,7 +620,7 @@
 case 'x':
 strcpy (value, get_session_val("returntext="));
 if(strlen(value) > 0) {
- printh("<a href=\"%s\">%H", get_session_val("returnhttp="), value);
+ printh("<a href=\"%C\">%H", get_session_val("returnhttp="), value);
 } else {
 printh("<a href=\"%s\">%s", cgiurl("logout"), html_text[218]);
 }
@@ -629,12 +629,12 @@
 
 /* returnhttp */
 case 'y':
- printf("%s", get_session_val("returnhttp="));
+ printh("%C", get_session_val("returnhttp="));
 break;
 
 /* returntext */
 case 'Y':
- printf("%s", get_session_val("returntext="));
+ printh("%H", get_session_val("returntext="));
 break;
 
 /* send the image URL directory */
Index: ChangeLog
===================================================================
RCS file: /cvsroot/qmailadmin/qmailadmin/ChangeLog,v
retrieving revision 1.15.2.111
retrieving revision 1.15.2.112
diff -u -d -r1.15.2.111 -r1.15.2.112
--- ChangeLog 8 Jan 2008 04:45:01 -0000 1.15.2.111
+++ ChangeLog 6 Feb 2009 05:30:05 -0000 1.15.2.112
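Review bot: The whole fix rests on the `%C` conversion in `printh ("%C", value)` in the -272 hunk, in the `HREF=\"%C\"` uses of the -456 and -620 hunks, and in the bare `%C` of the -629 hunk, yet the escaping rules of `%C` are not visible in this patch and nothing in the hunks records what it must guarantee. The `'H'` and `'y'` cases emit the value on its own, so the template decides whether it lands inside an attribute or in text context; the comment to add at the first use is `/* %C must neutralize quote, angle-bracket and ampersand characters: 'H' and 'y' expand wherever the template places them, not only inside HREF */`. Escaping the attribute boundary also does not constrain the link target itself, so a returnhttp value is still emitted verbatim as a URL; checking that it begins with `http://` or `https://`, or is a relative path, before printing would close that remaining gap. The switch these cases belong to starts and ends outside every hunk.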
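Review bot: `strcpy (value, get_session_val("returntext="))` at the top of the -620 hunk copies a session-supplied string into `value` with no bound, while the -272 and -456 hunks pass `sizeof(value)` to GetValue for the same buffer, so `value` is a fixed-size array that this copy can overrun. Replacing it with `snprintf (value, sizeof(value), "%s", get_session_val("returntext="));` bounds the copy and keeps the `strlen(value) > 0` test below valid. Whether get_session_val can return NULL is not visible here; if it can, both the original and the bounded form need a guard before the call. The enclosing switch starts and ends outside the hunk.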
@@ -6,6 +6,8 @@ Tom Collins - qmailadmin.c: check return value of setuid() and setgid() and exit if either fail (security issue reported by Miguel Lourenco). + - template.c: fix for potential XSS (cross-site scripting) hole + in the login page (reported by Michael Middleton). Chaz Owensby - Report disk usage to non-admin user on their Modify User page. |