|
 |
|
FortiOS Log File Cross Site Scripting
|
|
|
|
|
Secunia Advisory:
|
SA9932
|
|
|
Release Date:
|
2003-10-03
|
|
Last Update:
|
2003-11-13
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Cross Site Scripting
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Fortinet FortiOS (FortiGate) 2.x
|
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Multiple vulnerabilities have been identified in FortiOS allowing malicious people to conduct Cross Site Scripting attacks.
The problem is that URLs, which are blocked by FortiGate, are logged unfiltered and displayed unfiltered in the admin interface. This allows malicious people to conduct Cross Site Scripting attacks against the administrative interface.
Various scripts in the administrative interface are also vulnerable to trivial Cross Site Scripting attacks.
The username and the MD5 hash of the password is stored in a cookie. This is not a vulnerability, but is inapproriate way of authenticating users.
The vulnerabilities have been reported to affect versions below OS 2.50 MR4.
Solution:
The Cross Site Scripting vulnerability has been reported to be fixed in version OS 2.50 MR4.
http://support.fortinet.com/
The two unspecified vulnerabilities have not been fixed yet.
To protect against these vulnerabilities you should administrate FortiGate from a system, which isn't connected to the Internet.
Provided and/or discovered by:
Maarten Hartsuijker
Changelog:
2003-11-13: Updated description.
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
3 Related Secunia Security Advisories
|
|
|
1. FortiGate FTP Anti-Virus Scanning Bypass Vulnerability
|
|
2. FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities
|
|
3. Fortinet Products ISAKMP IKE Message Processing Vulnerabilities
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
