NetScreen Advisory 58412: XSS Bug in NetScreen-SA SSL VPN

From: NetScreen Security Response Team (security-alert_at_netscreen.com)
Date: 03/04/04

  • Next message: staff_at_der-keiler.de: "E-mail account disabling warning."
    Date: Thu, 4 Mar 2004 10:56:04 -0800
    To: bugtraq@securityfocus.com, full-disclosure@netsys.com
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Title: NetScreen Advisory 58412
    Date: 02 March 2004

    Impact: Possible theft of user credentials and remote script execution.

    Affected Products: NetScreen IVE running version 3.0 to 3.3.1.

    Max Risk: Low

    Summary:
    A cross-site scripting (XSS) vulnerability was discovered during an
    external security audit of release 3.3 Patch 1 of the IVE. This
    vulnerability affects customers using all versions of the IVE Platform
    since 3.0. At this time there have been no reports of customers
    compromised due to this IVE vulnerability.

    Details:
    There exists a cross-site scripting bug in 'row' parameter of the
    'delhomepage.cgi' URL. This issue may result in the theft of
    credentials such as session cookies and allow hostile client-side
    scripts to run with unintended access privileges. The scope of the
    problem is limited because only authenticated users can access the
    affected URL.

    NetScreen has security patches available to address this vulnerability.
    We highly recommend that you upgrade your IVE to a patch corresponding
    to your currently installed release.

    Recommended Actions:
    Install the appropriate patch corresponding to your currently installed
    release.

    Getting Fixed Software for NetScreen IVE Products:
    NetScreen is offering free fixes for IVE versions 3.2.1 through 3.3.1
    for all customers, regardless of service contract status. The following
    security releases which contain the fix for this issue are available
    on the NetScreen support site for all customers.

    Updates available immediately:
    - - 3.2.1 Patch 1-S2 (Build 5633)
    - - 3.3-S1 (Build 5607)
    - - 3.3 Patch 1-S1 (Build 5605)
    - - 3.3.1-S1 (Build 5651)

    Customers may download the above patches on the NetScreen IVE support
    website at https://support.neoteris.com.

    Customers with further questions may contact the NetScreen IVE Technical
    Assistance Center at 408-543-2991 (Option 2) or send email to
    help@support.neoteris.com.

    This advisory as well as any future updates will be made available
    through the NetScreen Security Notices webpage:
    http://www.netscreen.com/services/security/security_notices.jsp

    If you wish to verify the validity of this Security Advisory, the
    public PGP key can be accessed at:
    http://www.netscreen.com/services/security/

    Thanks to Mark Lachniet of Analysts International
    [lachniet -=at=- analysts.com] for reporting this issue and working
    with us.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: NetScreen Security Response Team <security-alert@netscreen.com>

    iD8DBQFAR3oVW2Bw6QjqXRcRAjyEAJ4ldgHMHZVLKTIobZG+eZfo4U8J4wCgk35y
    kUmrtcdta2ijAi6qG32Pe0o=
    =9Nzh
    -----END PGP SIGNATURE-----


  • Next message: staff_at_der-keiler.de: "E-mail account disabling warning."

    Relevant Pages