From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <overseers-return-12923-listarch-overseers=sources.redhat.com@sourceware.org>
Received: (qmail 22048 invoked by alias); 9 Sep 2014 16:55:45 -0000
Mailing-List: contact overseers-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <overseers.sourceware.org>
List-Archive: <http://sourceware.org/ml/overseers/>
List-Post: <mailto:overseers@sourceware.org>
List-Help: <mailto:overseers-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: overseers-owner@sourceware.org
Received: (qmail 22039 invoked by uid 89); 9 Sep 2014 16:55:44 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-3.2 required=5.0 tests=AWL,BAYES_00,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2
X-HELO: mx1.redhat.com
Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28)
 by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Tue, 09 Sep 2014 16:55:43 +0000
Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s89Gtff1026805
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL)
	for <overseers@sourceware.org>; Tue, 9 Sep 2014 12:55:41 -0400
Received: from valrhona.uglyboxes.com (ovpn01.gateway.prod.ext.phx2.redhat.com [10.5.9.1])
	by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id s89GterE018132
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
	for <overseers@sourceware.org>; Tue, 9 Sep 2014 12:55:41 -0400
Message-ID: <540F310C.8030905@redhat.com>
Date: Tue, 09 Sep 2014 16:55:00 -0000
From: Keith Seitz <keiths@redhat.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.7.0
MIME-Version: 1.0
To: overseers@sourceware.org
Subject: Fwd: Sourceware Security Vulnerablity
References: <CAHv8Y_5wVyWCsjasGx7noqU0rhMtE4-cmVV_Z5LMLe29-w-5=w@mail.gmail.com>
In-Reply-To: <CAHv8Y_5wVyWCsjasGx7noqU0rhMtE4-cmVV_Z5LMLe29-w-5=w@mail.gmail.com>
X-Forwarded-Message-Id: <CAHv8Y_5wVyWCsjasGx7noqU0rhMtE4-cmVV_Z5LMLe29-w-5=w@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-SW-Source: 2014-q3/txt/msg00147.txt.bz2

Someone posted this to the insight mailing list... Is there anything we 
can do?

Keith

-------- Original Message --------
Subject: Sourceware Security Vulnerablity
Date: Tue, 9 Sep 2014 04:16:16 -0700
From: Paul Yibelo <habte.yibelo@gmail.com>
To: insight@sourceware.org

Hey,

My name is Paul. I believe I discovered a very nice XSS in your
website sourceware.org. I coudnt find any other place to submit it so,
I just mailedy you here. you should have a bug submit page. :)

here is the payload

https://www.sourceware.org/cgi-bin/cvsweb.cgi/libc/login/programs%0A%0A<script>alert(0);</script>%0A%0A/pt_chown.c?rev=1.12&content-type=text/html&cvsroot=glibc&only_with_tag=MAIN

your error page doesnt sanitize input. hoping to hearing from you :D

Thanks,
Paul