F5 FirePass 4100 SSL VPN Cross-Site Scripting VulnerabilitiesMonday, 3 December 2007Some vulnerabilities have been reported in F5 FirePass 4100 SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the URL to my.activation.php3 and my.logon.php3 is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerabilities are reported in FirePass versions 5.4.1 to 5.5.2 and FirePass versions 6.0 to 6.0.1.
Solution:
The vendor has issued cumulative hotfix HF-601-6 for version 6.0.1:
https://support.f5.com/kb/en-us/solutions/public/7000/900/SOL7923.html
Filter malicious characters and character sequences in a web proxy.
Provided and/or discovered by:
Adrian Pastor, Jan Fry, and Richard Brain of ProCheckUp Ltd.
Original Advisory:
F5:
https://support.f5.com/kb/en-us/solutions/public/7000/900/SOL7923.html
Procheckup Ltd:
http://www.procheckup.com/Vulnerability_PR07-14.php
http://www.procheckup.com/Vulnerability_PR07-15.php
http://secunia.com/advisories/27904/
Share this content:
|