[NEWS] Juniper Networks DX Web Administration Persistent System Log XSS



The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com



Juniper Networks DX Web Administration Persistent System Log XSS
------------------------------------------------------------------------


SUMMARY

"The Juniper Networks DX application acceleration platform
(http://www.juniper.net/products/appaccel/dca/dx.html) delivers a complete
data center acceleration solution for web-enabled and IP-based business
applications."

Improper handling of user input allows attackers to execute XSS attacks
and steal cookies from authenticated users.

DETAILS

Vulnerable Systems:
* Juniper DX version 5.1

The Juniper Networks DX System Log is vulnerable to a persistent,
unauthenticated XSS attack. An attacker can exploit this vulnerability to
obtain full administrative access to the Juniper DX appliance.

The vulnerability stems from the web administration interface failing to
sanitize (HTML-encode) System Log content before displaying it. A malicious
user, without authenticating, can submit script content in the username
field of the login form; that content is written to the System Log and is
then executed in the browser of any administrative user who views the log.

Workaround:
Control network access to the DX web administration console.
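The following is an added example, not Juniper's code and not from the advisory author, illustrating the defect class described above and its fix: a minimal log viewer that pastes an attacker-controlled username straight into markup beside one that HTML-encodes every field at output time. It also includes an input-side allow-list and a scan that flags existing log records whose username carries markup characters, which is a cheap way to spot injection attempts already sitting in a log before anyone opens it in a viewer that renders unsafely. The record layout, the sample entries and the username pattern are assumptions made for this example.

```python
# Added example (not Juniper's code and not from the advisory author): a
# minimal log viewer that shows why a username taken from a login attempt
# must be HTML-encoded before an administrator's browser renders it, plus a
# cheap check for spotting injection attempts already sitting in a log.
import html
import re

# Constructed sample records in the shape (timestamp, source_ip, username,
# event). They are illustrative, not real Juniper DX System Log output.
SAMPLE_LOG = [
    ("2007-01-10 10:00:01", "192.0.2.10", "admin", "login failed"),
    ("2007-01-10 10:00:05", "192.0.2.55", "<script>alert(1)</script>", "login failed"),
    ("2007-01-10 10:00:09", "192.0.2.55", 'bob" onmouseover="alert(1)', "login failed"),
]


def render_row_unsafe(record):
    """The defect class the advisory describes: fields are pasted straight
    into markup, so a username that contains HTML becomes live markup in
    the administrator's browser."""
    ts, ip, user, event = record
    return f"<tr><td>{ts}</td><td>{ip}</td><td>{user}</td><td>{event}</td></tr>"


def render_row_safe(record):
    """Fix: HTML-encode every field at the point of output. quote=True also
    encodes quotes, so a value cannot break out of an attribute either."""
    cells = "".join(f"<td>{html.escape(field, quote=True)}</td>" for field in record)
    return f"<tr>{cells}</tr>"


def render_log_safe(records):
    """Render the whole log table with the safe row renderer."""
    rows = "\n".join(render_row_safe(r) for r in records)
    return f"<table>\n{rows}\n</table>"


# Characters that have no business in a username but are needed to build
# markup or event handlers. Used for detection, not as the primary defense.
_MARKUP_CHARS = re.compile(r'[<>"\'&]')

# Defense in depth at the input side: an allow-list for usernames. The
# pattern is an assumption for this example; a real product would apply its
# own account naming rules.
_USERNAME_OK = re.compile(r"^[A-Za-z0-9._@-]{1,64}$")


def is_acceptable_username(name):
    """True if the submitted username matches the allow-list."""
    return _USERNAME_OK.fullmatch(name) is not None


def flag_suspicious_usernames(records):
    """Return the records whose username field contains markup characters,
    i.e. likely log-injection attempts that an administrator should review
    before anyone opens the log in a viewer that renders it unsafely."""
    return [r for r in records if _MARKUP_CHARS.search(r[2])]


if __name__ == "__main__":
    print(render_log_safe(SAMPLE_LOG))
    for rec in flag_suspicious_usernames(SAMPLE_LOG):
        print("suspicious username from", rec[1], "->", repr(rec[2]))
```

Output encoding in `render_row_safe` is the actual fix for this bug class: the log must still record exactly what was submitted (it is evidence), so the encoding belongs at the point where the value is turned into HTML, not at the point where it is logged. The allow-list and the scan are defense in depth and detection respectively; neither replaces encoding, because a username that passes the allow-list today may reach a different output context tomorrow.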


ADDITIONAL INFORMATION

The information has been provided by Darren Bounds (dbounds@xxxxxxxxx).


