It was discovered that multiple CGI scripts used by Red Hat / Fedora Directory Server did not properly sanitize %-escaped inputs, resulting in a possibility to conduct cross-site scripting (XSS) attacks. Issue was caused by a flow in an adminutil library that contain common functionality used by multiple CGI scripts, such as affected GET / POST argument parsing. Issue is know to affect some Administration Express scripts and Directory Server Gateway (DSGW) scripts. Affected version: Red Hat Directory Server 7.1 Red Hat Directory Server 8 (flaw limited to Administration Express issues, as DSGW component is not shipped) Fedora Directory Server
Lifting embargo.
adminutil-1.1.7-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
adminutil-1.1.7-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Directory Server v8 EL4 Red Hat Directory Server v8 EL5 Via RHSA-2008:0601 http://rhn.redhat.com/errata/RHSA-2008-0601.html
This issue has been addressed in following products: Red Hat Directory Server v7.1 Via RHSA-2008:0596 http://rhn.redhat.com/errata/RHSA-2008-0596.html