fixed a fail to adequately sanitize request strings of malicious JavaScript #30

This commit is contained in:
Jordi Sanfeliu 2013-11-25 18:00:28 +01:00
parent a790c283a4
commit cc9ba672bb
2 changed files with 18 additions and 3 deletions


@ -33,9 +33,12 @@
- Fixed the 'int' graph in order to be compatible with Excito B3 product. - Fixed the 'int' graph in order to be compatible with Excito B3 product.
(thanks to Patrick Fallberg, patrick AT fallberg.net for pointing this out) (thanks to Patrick Fallberg, patrick AT fallberg.net for pointing this out)
- Fixed to correctly sanitize the input string in the built-in HTTP server - Fixed to correctly sanitize the input string in the built-in HTTP server
which led a number of security vulnerabilities. [#30] which led into a number of security vulnerabilities. [#30]
- Fixed the lack of minimum definition in some data sources of 'bind' graph. - Fixed the lack of minimum definition in some data sources of 'bind' graph.
(thanks to Andreas Itzchak Rehberg, izzy AT qumran.org for pointing this out) (thanks to Andreas Itzchak Rehberg, izzy AT qumran.org for pointing this out)
- Fixed a fail to adequately sanitize request strings of malicious JavaScript.
[#30]
(thanks to Jacob Amey, jamey AT securityinspection.com for pointing this out)
- Small fixes and typos. - Small fixes and typos.
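Review bot: the Changes file now carries two entries for the same issue [#30] (the reworded "Fixed to correctly sanitize the input string in the built-in HTTP server" entry and the new "Fixed a fail to adequately sanitize request strings of malicious JavaScript" entry); consider folding them into one so readers do not take them for two separate fixes. In the new entry, "a fail to" reads better as "a failure to".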


@ -153,6 +153,18 @@ sub handle_request {
return if fork(); # parent returns return if fork(); # parent returns
my $url = $cgi->path_info(); my $url = $cgi->path_info();
my $url_disarmed = $url;
# this should disarm all XSS and Cookie Injection attempts
$url_disarmed =~ s/\&/&/g;
$url_disarmed =~ s/\</&lt;/g;
$url_disarmed =~ s/\>/&gt;/g;
$url_disarmed =~ s/\"/&quot;/g;
$url_disarmed =~ s/\'/&#x27;/g;
$url_disarmed =~ s/\(/&#x28;/g;
$url_disarmed =~ s/\)/&#x29;/g;
$url_disarmed =~ s/\//&#x2F;/g;
$0 = "monitorix-httpd"; # change process' name $0 = "monitorix-httpd"; # change process' name
# check if the IP address is allowed to connect # check if the IP address is allowed to connect
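Review bot: `$url_disarmed =~ s/\&/&/g;` as shown replaces an ampersand with itself, so `&` is never escaped; the replacement should be `&amp;`, and it must stay first in the chain (as it is) so the entities produced by the later substitutions are not double-encoded. The hand-rolled substitution list also duplicates what `CGI::escapeHTML` (the `$cgi` object is already in scope) or `HTML::Entities::encode_entities` provide, and using one of those removes the risk of missing a character. The comment "this should disarm all XSS and Cookie Injection attempts" overstates what the code does: this escaping is appropriate for HTML body text only, not for attribute, JavaScript or header contexts, and the raw `$url` remains in use elsewhere in the function.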
@ -166,7 +178,7 @@ sub handle_request {
print "<title>403 Forbidden</title>\r\n"; print "<title>403 Forbidden</title>\r\n";
print "</head><body>\r\n"; print "</head><body>\r\n";
print "<h1>Forbidden</h1>\r\n"; print "<h1>Forbidden</h1>\r\n";
print "<p>You don't have permission to access $url\r\n"; print "<p>You don't have permission to access $url_disarmed\r\n";
print "on this server.</p>\r\n"; print "on this server.</p>\r\n";
print "<hr>\r\n"; print "<hr>\r\n";
print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n"; print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n";
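Review bot: the escaped copy is the right choice for the 403 body, but the raw `$url` is still live in the same scope, so nothing stops a future message from interpolating it again; consider escaping at the point of output (a small helper called inside each `print` that builds a body from request data) rather than relying on the correct variable name being picked each time.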
@ -242,7 +254,7 @@ sub handle_request {
print "<title>404 Not Found</title>\r\n"; print "<title>404 Not Found</title>\r\n";
print "</head><body>\r\n"; print "</head><body>\r\n";
print "<h1>Not Found</h1>\r\n"; print "<h1>Not Found</h1>\r\n";
print "The requested URL $url was not found on this server.<p>\r\n"; print "The requested URL $url_disarmed was not found on this server.<p>\r\n";
print "<hr>\r\n"; print "<hr>\r\n";
print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n"; print "<address>Monitorix HTTP Server listening at $host Port $port</address>\r\n";
print "</body></html>\r\n"; print "</body></html>\r\n";
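Review bot: as with the 403 page, `$url_disarmed` is the correct variable for the 404 body. A style point on the surrounding context line: the trailing `<p>` after "on this server." opens a paragraph that is never closed; replacing it with `</p>` (or moving `<p>` to the front of the sentence, as the 403 body does) keeps the two error pages consistent.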