Same-origin policy bypass vulnerabilities in several VPN

2009-12-07 / 2009-12-08
Credit: Juha-Matti Laurio
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2009-2631
CWE: CWE-264


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Vulnerabilities in several clientless SSL VPN products have been reported. Gathering authentication cookies etc. is reportedly possible. At time of writing US-CERT's advisory lists the status of about 90 vendors. US-CERT Vulnerability Note VU#261869: http://www.kb.cert.org/vuls/id/261869 Severity metric is remarkable high: 45,00. This issue is CVE-2009-2631. Juha-Matti

References:

http://www.kb.cert.org/vuls/id/261869
http://xforce.iss.net/xforce/xfdb/54523
http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html
http://www.sonicwall.com/us/2123_14883.html
http://www.sonicwall.com/us/2123_14882.html
http://www.securityfocus.com2000/bid/37152
http://www.securityfocus.com/archive/1/archive/1/508164/100/0/threaded
http://seclists.org/fulldisclosure/2006/Jun/238


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top