[Japanese]

JVNDB-2005-000727

mod_imap cross-site scripting vulnerability

Overview

The "mod_imap" and "mod_imagemap" modules of the Apache HTTP Server are used for implementing server-side image map processing.
mod_imap and mod_imagemap are affected by a cross-site scripting vulnerability when referer values are used in an image map in such a way that they do not handle HTTP_REFERER properly.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.3 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: Partial
  • Availability Impact: None
Affected Products


Apache Software Foundation
  • Apache HTTP Server 1.3.34 and ealier
  • Apache HTTP Server 2.0.55 and ealier
  • Apache HTTP Server 2.2.0
IBM Corporation
  • IBM HTTP Server 1.3.26.x
  • IBM HTTP Server 1.3.28.x
  • IBM HTTP Server 2.0.42.x
  • IBM HTTP Server 2.0.47.x
  • IBM HTTP Server 6.0.x
Apple Inc.
  • Apple Mac OS X v10.4.11
  • Apple Mac OS X Server v10.4.11
  • Apple Mac OS X Server v10.5.2
Oracle Corporation
  • Oracle HTTP Server 10.1.3.5.0
Sun Microsystems, Inc.
  • Sun Solaris 10 (sparc)
  • Sun Solaris 10 (x86)
  • Sun Solaris 8 (sparc)
  • Sun Solaris 8 (x86)
  • Sun Solaris 9 (sparc)
  • Sun Solaris 9 (x86)
Turbolinux, Inc.
  • Turbolinux 10_f
  • Turbolinux Desktop 10
  • Turbolinux FUJI
  • Turbolinux Multimedia
  • Turbolinux Personal
  • Turbolinux Server 10
  • Turbolinux Server 10 (x64)
  • Turbolinux Home
Hewlett-Packard Development Company, L.P
  • HP-UX 11.00
  • HP-UX 11.04
  • HP-UX 11.11
  • HP-UX 11.23
MIRACLE LINUX CORPORATION
  • Asianux Server 3.0
  • Asianux Server 3.0 (x86-64)
  • Asianux Server 4.0
  • Asianux Server 4.0 (x86-64)
Red Hat, Inc.
  • Red Hat Enterprise Linux 2.1 (as)
  • Red Hat Enterprise Linux 3 (as)
  • Red Hat Enterprise Linux 4 (as)
  • Red Hat Enterprise Linux 2.1 (es)
  • Red Hat Enterprise Linux 3 (es)
  • Red Hat Enterprise Linux 4 (es)
  • Red Hat Enterprise Linux 2.1 (ws)
  • Red Hat Enterprise Linux 3 (ws)
  • Red Hat Enterprise Linux 4 (ws)
  • Red Hat Linux Advanced Workstation 2.1
Hitachi, Ltd
  • Cosminexus Application Server Enterprise Version 6
  • Cosminexus Application Server Standard Version 6
  • Cosminexus Application Server Version 5
  • Cosminexus Developer Light Version 6
  • Cosminexus Developer Professional Version 6
  • Cosminexus Developer Standard Version 6
  • Cosminexus Developer Version 5
  • Cosminexus Server - Enterprise Edition
  • Cosminexus Server - Standard Edition
  • Cosminexus Server - Standard Edition Version 4
  • Cosminexus Server - Web Edition
  • Cosminexus Server - Web Edition Version 4
  • Hitachi Web Server
  • Hitachi Web Server - Custom Edition
  • Hitachi Web Server - Security Enhancement
  • Hitachi Web Server for VOS3
  • uCosminexus Application Server Enterprise
  • uCosminexus Application Server Smart Edition
  • uCosminexus Application Server Standard
  • uCosminexus Developer Professional
  • uCosminexus Developer Light
  • uCosminexus Developer Standard
  • uCosminexus Service Architect
  • uCosminexus Service Platform

Please refer to HS06-022 provided by Hitachi for more details.
Impact

A remote attacker could execute a malicious script on the web browser of a user who accessed a web page where mod_imap or mod_imagemap is used.
Solution

Vendor Information

Apache Software Foundation
  • Apache httpd 1.3 vulnerabilities : 1.3.35
  • Apache httpd 2.0 vulnerabilities : 2.0.58
  • Apache httpd 2.2 vulnerabilities : 2.2.2
  • Changes with Apache : 1.3.35
  • Changes with Apache : 2.0.58
  • Changes with Apache : 2.2.2
IBM Corporation Apple Inc. Oracle Corporation Sun Microsystems, Inc.
  • Sun Alert Notification : 102662
  • Sun Alert Notification : 102663
Turbolinux, Inc. Hewlett-Packard Development Company, L.P MIRACLE LINUX CORPORATION Red Hat, Inc. Hitachi, Ltd
  • Hitachi Software Vulnerability Information : HS06-022
CWE (What is CWE?)

CVE (What is CVE?)

  1. CVE-2005-3352
References

  1. JVN : JVN#06045169
  2. National Vulnerability Database (NVD) : CVE-2005-3352
  3. US-CERT Cyber Security Alerts : SA08-079A
  4. US-CERT Cyber Security Alerts : SA08-150A
  5. US-CERT Technical Cyber Security Alert : TA08-079A
  6. US-CERT Technical Cyber Security Alert : TA08-150A
  7. SecurityFocus : 15834
Revision History

  • [2008/05/21]
      Web page published
    [2008/06/06]
      Affected Products : Added Apple Inc (Security Update 2008-002)
      Vendor Information : Added Apple Inc (Security Update 2008-002)
    [2008/06/17]
      Vendor Information : Added Apple Inc (Security Update 2008-003)
    [2013/07/18]
      Affected Products : Product of Oracle was added
      Vendor Information : Contents of Oracle were added
    [2014/05/22]
      Affected Products : Products were added
      Vendor Information : Content was added