Project InfoSponsor & PartnerInstalling ispCPFAQDocumentationDevelopment
Current time: 04-19-2024, 08:07 AM Hello There, Guest! (LoginRegister)

ispCP - Board - Support / ispCP Omega Development Area / Suggestions v / AWStats Patch for [ 2001151 ] XSS Issue

Post Reply 
AWStats Patch for [ 2001151 ] XSS Issue
Author Message
khan2002 Offline
Newbie
*

Posts: 8
Joined: Aug 2008
Reputation: 0
Post: #7
RE: AWStats Patch for [ 2001151 ] XSS Issue
Hy,

I've tried both and both not working on my Debian :

PHP Code:
patching file awstats.pl
Hunk #1 succeeded at 4394 (offset 18 lines).
Hunk #2 FAILED at 4446.
1 out of 2 hunks FAILED -- saving rejects to file awstats.pl.rej 

and in the awstats.pl.rej I find:

PHP Code:
*** awstats.pl    
--- awstats.pl.orig    
***************
*** 4376,4382 ****
  sub DecodeEncodedString {
      my $stringtodecode=shift;
      $stringtodecode =~ tr/\+/ /s;
-     $stringtodecode =~ s/%22//g;
      $stringtodecode =~ s/%([A-F0-9][A-F0-9])/pack("C"hex($1))/ieg;
      return $stringtodecode;
  }
--- 4376,4381 ----
***************
*** 4429,4440 ****
  #------------------------------------------------------------------------------
  sub CleanXSS {
      my $stringtoclean=shift;
-     # To avoid html tags and javascript
      $stringtoclean =~ s/</</g;
      $stringtoclean =~ s/>/>/g;
      $stringtoclean =~ s/|//g;
-     # To avoid onload="
-     $stringtoclean =~ s/onload//g;
      return $stringtoclean;
  }
  
--- 4428,4436 ---- 

Anyone an idea?[/php][/quote]
08-26-2008 06:29 PM
Find all posts by this user Quote this message in a reply
Post Reply 


Messages In This Thread
RE: AWStats Patch for [ 2001151 ] XSS Issue - khan2002 - 08-26-2008 06:29 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | isp Control Panel ( ispCP ) | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication