NetScreen Advisory 58412: XSS Bug in NetScreen-SA SSL VPN

From: NetScreen Security Response Team (
Date: 03/04/04

  • Next message: "E-mail account disabling warning."
    Date: Thu, 4 Mar 2004 10:56:04 -0800

    Hash: SHA1

    Title: NetScreen Advisory 58412
    Date: 02 March 2004

    Impact: Possible theft of user credentials and remote script execution.

    Affected Products: NetScreen IVE running version 3.0 to 3.3.1.

    Max Risk: Low

    A cross-site scripting (XSS) vulnerability was discovered during an
    external security audit of release 3.3 Patch 1 of the IVE. This
    vulnerability affects customers using all versions of the IVE Platform
    since 3.0. At this time there have been no reports of customers
    compromised due to this IVE vulnerability.

    There exists a cross-site scripting bug in 'row' parameter of the
    'delhomepage.cgi' URL. This issue may result in the theft of
    credentials such as session cookies and allow hostile client-side
    scripts to run with unintended access privileges. The scope of the
    problem is limited because only authenticated users can access the
    affected URL.

    NetScreen has security patches available to address this vulnerability.
    We highly recommend that you upgrade your IVE to a patch corresponding
    to your currently installed release.

    Recommended Actions:
    Install the appropriate patch corresponding to your currently installed

    Getting Fixed Software for NetScreen IVE Products:
    NetScreen is offering free fixes for IVE versions 3.2.1 through 3.3.1
    for all customers, regardless of service contract status. The following
    security releases which contain the fix for this issue are available
    on the NetScreen support site for all customers.

    Updates available immediately:
    - - 3.2.1 Patch 1-S2 (Build 5633)
    - - 3.3-S1 (Build 5607)
    - - 3.3 Patch 1-S1 (Build 5605)
    - - 3.3.1-S1 (Build 5651)

    Customers may download the above patches on the NetScreen IVE support
    website at

    Customers with further questions may contact the NetScreen IVE Technical
    Assistance Center at 408-543-2991 (Option 2) or send email to

    This advisory as well as any future updates will be made available
    through the NetScreen Security Notices webpage:

    If you wish to verify the validity of this Security Advisory, the
    public PGP key can be accessed at:

    Thanks to Mark Lachniet of Analysts International
    [lachniet -=at=-] for reporting this issue and working
    with us.

    Version: GnuPG v1.2.4 (GNU/Linux)
    Comment: NetScreen Security Response Team <>

    -----END PGP SIGNATURE-----

  • Next message: "E-mail account disabling warning."

    Relevant Pages