fixed a fail to adequately sanitize request strings of malicious JavaScript #30
mikaku committed Nov 26, 2013
1 parent 7a22d2a commit e86c115
Showing 2 changed files with 18 additions and 3 deletions.
5 changes: 4 additions & 1 deletion Changes
@@ -33,9 +33,12 @@
- Fixed the 'int' graph in order to be compatible with Excito B3 product.
(thanks to Patrick Fallberg, patrick AT fallberg.net for pointing this out)
- Fixed to correctly sanitize the input string in the built-in HTTP server
which led a number of security vulnerabilities. [#30]
which led into a number of security vulnerabilities. [#30]
- Fixed the lack of minimum definition in some data sources of 'bind' graph.
(thanks to Andreas Itzchak Rehberg, izzy AT qumran.org for pointing this out)
- Fixed a fail to adequately sanitize request strings of malicious JavaScript.
[#30]
(thanks to Jacob Amey, jamey AT securityinspection.com for pointing this out)
- Small fixes and typos.


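Review bot: the new entry at the bottom of this hunk carries the same "[#30]" reference as the sanitizing entry a few lines above it, so a reader of Changes cannot tell whether these are two fixes or one. Either fold them into a single item, or make the distinction explicit in the wording (for example, the earlier item for input sanitizing in the HTTP server, the new one for HTML-escaping the request URL echoed back in the 403/404 pages).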
16 changes: 14 additions & 2 deletions lib/HTTPServer.pm
@@ -153,6 +153,18 @@ sub handle_request {
return if fork(); # parent returns

my $url = $cgi->path_info();
my $url_disarmed = $url;

# this should disarm all XSS and Cookie Injection attempts
$url_disarmed =~ s/\&/&/g;
$url_disarmed =~ s/\</&lt;/g;
$url_disarmed =~ s/\>/&gt;/g;
$url_disarmed =~ s/\"/&quot;/g;
$url_disarmed =~ s/\'/&#x27;/g;
$url_disarmed =~ s/\(/&#x28;/g;
$url_disarmed =~ s/\)/&#x29;/g;
$url_disarmed =~ s/\//&#x2F;/g;

$0 = "monitorix-httpd"; # change process' name

# check if the IP address is allowed to connect
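Review bot: the first substitution, `$url_disarmed =~ s/\&/&/g;`, replaces an ampersand with an ampersand and so does nothing as shown; if `&amp;` was intended it must remain the first rule, otherwise the entities emitted by the later `&lt;`/`&gt;`/`&quot;` rules get double-encoded. Since `$cgi` is already a CGI object here (`$cgi->path_info()`), `$cgi->escapeHTML($url)` gives the `&`, `<`, `>`, `"` and `'` escaping in one call without a hand-maintained table. The comment "this should disarm all XSS and Cookie Injection attempts" also overstates what the block does: it is HTML-body escaping for the string echoed into the error pages, and `$url` itself is still the value used afterwards, so any other place that interpolates `$url` into a response needs the same treatment.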
@@ -166,7 +178,7 @@ sub handle_request {
print "<title>403 Forbidden</title>\r\n";
print "</head><body>\r\n";
print "<h1>Forbidden</h1>\r\n";
print "<p>You don't have permission to access $url\r\n";
print "<p>You don't have permission to access $url_disarmed\r\n";
print "on this server.</p>\r\n";
print "<hr>\r\n";
print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n";
@@ -242,7 +254,7 @@ sub handle_request {
print "<title>404 Not Found</title>\r\n";
print "</head><body>\r\n";
print "<h1>Not Found</h1>\r\n";
print "The requested URL $url was not found on this server.<p>\r\n";
print "The requested URL $url_disarmed was not found on this server.<p>\r\n";
print "<hr>\r\n";
print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n";
print "</body></html>\r\n";
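Review bot: markup nit on the 404 body: `<p>` is appended after the sentence rather than opening it, whereas the 403 page opens `<p>` before its text; worth harmonising the two so both error pages are well-formed now that they share the escaped `$url_disarmed`.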
