exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apache VCL 2.x XSS / Denial Of Service

Apache VCL 2.x XSS / Denial Of Service
Posted May 6, 2013
Authored by Josh Thompson

Apache VCL versions 2.1, 2.2, 2.2.1, 2.3, and 2.3.1 suffer from denial of service and cross site scripting vulnerabilities due to missing input validation.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2013-0267
SHA-256 | 2c1c5596e8e13b9395cc426a070f1a3de460f01bc9bca5807ab970a455c1f3d9

Apache VCL 2.x XSS / Denial Of Service

Change Mirror Download
CVE-2013-0267: Apache VCL improper input validation

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Apache VCL 2.1, 2.2, 2.2.1, 2.3, 2.3.1

Description:
Some parts of VCL did not properly validate input data. This problem was
present both in the Privileges portion of the web GUI and in the XMLRPC API.

A malicious user having a minimal level of administrative rights could
manipulate the data submitted by the web GUI or submit non-standard data to
the API to gain additional administrative rights.

The API functions that are vulnerable were introduced in 2.3.1. Some of those
API functions can also be exploited to perform a DOS attack on the site to
remove access from other users and to perform an XSS attack to gain elevated
privileges.

The vulnerabilities were found by an Apache VCL developer doing a code review.
No know exploits are in the wild at this point.

Fixed Versions:
Apache VCL 2.2.2, 2.3.2

Mitigation:
Apache VCL 2.3 and 2.3.1 users should upgrade to 2.3.2 as soon as possible.
Apache VCL 2.2 and 2.2.1 users should upgrade to 2.2.2 as soon as possible.
Apache VCL 2.1 users should upgrade to 2.2.2 or 2.3.2 as soon as possible.

Apache VCL 2.2.2 and 2.3.2 can be downloaded from
http://vcl.apache.org/downloads/download.cgi

Workarounds:
There are no complete workarounds. However, users must have at least
nodeAdmin, manageGroup, resourceGrant, or userGrant to exploit the
vulnerabilities. Removing that access from anyone that is not fully trusted
will minimized chances of an exploit against your site.


Josh Thompson
Apache VCL release manager
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close