Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
Vulnerability announcement CVE-2009-1201 CVE-2009-1202 CVE-2009-1203
Cisco ASA: vulnerabilities of the Web VPN
Synthesis of the vulnerability
An attacker can use three vulnerabilities in the Web VPN of Cisco ASA to execute JavaScript code in the context of the proxy or to obtain authentication credentials.
Severity: 2/4.
Creation date: 24/06/2009.
Description of the vulnerability
Three vulnerabilities were announced in Cisco ASA Web VPN, Clientless SSL VPN.
An attacker can craft an HTML page that stores a function in the CSCO_WebVPN['process'] variable. The proxy's csco_wrap_js() JavaScript function then calls the attacker's function, so its code runs in the context of the web proxy. [severity:2/4; 18373, BID-35476, CSCsy80694, CVE-2009-1201]
The proxy rewrites URLs using a ROT13 encoding. However, if a script changes the first byte of the encoded URL, the returned page is not rewritten, and the JavaScript code it contains is therefore executed in the context of the proxy. [severity:2/4; 18442, BID-35480, CSCsy80705, CVE-2009-1202]
An HTML page can contain a link to an FTP or CIFS site that requests authentication. When the victim clicks this link, a dialog box appears. This window resembles the proxy's own authentication window, which can deceive the victim into entering the proxy login and password. [severity:2/4; 18536, BID-35475, CSCsy80709, CVE-2009-1203]
Complete Vigil@nce bulletin
Characteristics
Title: Cisco ASA: vulnerabilities of the Web VPN.
Keywords: 18373 18442 18536 ASA CIFS CSCO_WebVPN CSCsy80694 CSCsy80705 CSCsy80709 Cisco Clientless FTP HTML JavaScript ROT13 SSL VPN Web csco_wrap_js vulnerabilities.
Identifiers: 18373, 18442, 18536, BID-35474, BID-35475, BID-35476, BID-35480, CSCsy80694, CSCsy80705, CSCsy80709, CVE-2009-1201, CVE-2009-1202, CVE-2009-1203, TWSL2009-002, VIGILANCE-VUL-8822.
Information sources
Solutions for this vulnerability
Supplements
Vulnerability : CVE-2009-1201
An attacker can craft an HTML page that stores a function in the CSCO_WebVPN['process'] variable. The proxy's csco_wrap_js() JavaScript function then calls the attacker's function, so its code runs in the context of the web proxy.
Severity: 2/4.
Identifiers: 18373, BID-35476, CSCsy80694, CVE-2009-1201.
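The following is an added example, not code from the bulletin or from Cisco: a small JavaScript model of the pattern described above, where a rewriting proxy's script wrapper calls a hook that it reads from a namespace the rewritten page can also write to. The namespace object, PROXY_ORIGIN, the wrapper names and the page script are all assumptions for the model (the real CSCO_WebVPN object and csco_wrap_js() differ); the hardened variant binds the trusted hook in a closure at initialisation so a later write by page content cannot replace it.

```javascript
// Added example (not Cisco code): model of a script wrapper that trusts a
// page-writable hook. Everything here is an assumption for illustration.

const PROXY_ORIGIN = "https://vpn.example.test"; // stands in for the Web VPN origin

// Namespace the proxy shares with rewritten page content. Loosely modelled on
// the CSCO_WebVPN['process'] variable named in the bulletin; not the real object.
const proxyNamespace = { process: null };

// Constructed sample of attacker-authored page content: it stores a function
// in the shared hook slot.
const PAGE_SCRIPT =
  'ns.process = function (ctx) { ctx.log.push("page hook ran at " + ctx.origin); };';

// The proxy executes rewritten page script with the shared namespace in scope.
function runPageScript(source) {
  new Function("ns", source)(proxyNamespace);
}

// The proxy's own hook, the only function that should ever run here.
function proxyProcessHook(ctx) {
  ctx.log.push("proxy hook ran at " + ctx.origin);
}

// Vulnerable wrapper (plays the role of csco_wrap_js in the model): it looks
// the hook up at call time, so whatever the page stored runs in the proxy context.
function wrapJsVulnerable(wrappedScript) {
  const ctx = { origin: PROXY_ORIGIN, log: [] };
  const hook = proxyNamespace.process; // page-controllable
  if (typeof hook === "function") hook(ctx);
  ctx.log.push("wrapped script: " + wrappedScript);
  return ctx.log;
}

// Hardened wrapper: the trusted hook is captured once, when the proxy
// initialises; later writes to the shared namespace are simply ignored.
function makeWrapJsHardened(trustedHook) {
  const frozenHook = trustedHook;
  return function wrapJs(wrappedScript) {
    const ctx = { origin: PROXY_ORIGIN, log: [] };
    frozenHook(ctx);
    ctx.log.push("wrapped script: " + wrappedScript);
    return ctx.log;
  };
}

// Scenario: proxy initialises, page content runs, then each wrapper fires.
function demo() {
  const wrapJsHardened = makeWrapJsHardened(proxyProcessHook);
  proxyNamespace.process = proxyProcessHook; // proxy installs its own hook first
  runPageScript(PAGE_SCRIPT);                // page overwrites the shared slot
  return {
    vulnerable: wrapJsVulnerable("page.js"),
    hardened: wrapJsHardened("page.js"),
  };
}

console.log(demo());
```

Binding the hook in a closure fixes only the lookup; the more general lesson is that anything rewritten page content can reach at runtime (globals, prototypes, the proxy's helper objects) must be treated as attacker-controlled, or the rewritten content has to be isolated in its own origin.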
Vulnerability : CVE-2009-1202
The proxy rewrites URLs using a ROT13 encoding. However, if a script changes the first byte of the encoded URL, the returned page is not rewritten, and the JavaScript code it contains is therefore executed in the context of the proxy.
Severity: 2/4.
Identifiers: 18442, BID-35480, CSCsy80705, CVE-2009-1202.
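The following is an added example, not code from the bulletin or from Cisco: a JavaScript model of the pattern described above. A rewriting proxy hides target URLs behind a ROT13-encoded path, and in this model a leading flag byte of that path selects whether the response is rewritten; because a client-side script can change that byte, the rewrite decision becomes attacker-chosen. The path layout (PROXY_PREFIX and the flag byte), the sample origin page and all function names are assumptions for the model. The hardened handler derives the decision from the response content type instead of from the client-supplied byte.

```javascript
// Added example (not Cisco code): model of a ROT13-path rewriting proxy whose
// "rewrite or pass through" choice is controlled by a client-editable byte.
// Path layout, flag meanings, page names and origin content are assumptions.

const PROXY_PREFIX = "/+proxy+/";
const FLAG_REWRITE = "1"; // assumed meaning: rewrite links and wrap scripts
const FLAG_RAW = "0";     // assumed meaning: pass the body through untouched

function rot13(s) {
  return s.replace(/[a-zA-Z]/g, (c) => {
    const base = c <= "Z" ? 65 : 97;
    return String.fromCharCode(((c.charCodeAt(0) - base + 13) % 26) + base);
  });
}

function encodeProxiedPath(url, flag = FLAG_REWRITE) {
  return PROXY_PREFIX + flag + rot13(url);
}

// Returns { flag, url }, or null when the path does not carry the proxy prefix.
function decodeProxiedPath(path) {
  if (!path.startsWith(PROXY_PREFIX)) return null;
  const rest = path.slice(PROXY_PREFIX.length);
  return { flag: rest[0], url: rot13(rest.slice(1)) };
}

// Constructed origin server: one HTML page with a link and an inline script.
const ORIGIN_PAGES = {
  "http://intranet.example.test/index.html": {
    contentType: "text/html",
    body:
      '<a href="http://intranet.example.test/next.html">next</a>' +
      '<script>document.title = "from origin"</script>',
  },
};

function fetchOrigin(url) {
  return ORIGIN_PAGES[url] || { contentType: "text/plain", body: "not found" };
}

// Rewriter: links become proxied paths, inline scripts are handed to the
// proxy's wrapper instead of executing as-is in the proxy origin.
function rewriteHtml(body) {
  return body
    .replace(/href="([^"]+)"/g, (_, u) => `href="${encodeProxiedPath(u)}"`)
    .replace(/<script>([\s\S]*?)<\/script>/g,
      (_, js) => `<script>proxyWrapJs(${JSON.stringify(js)})</script>`);
}

// Vulnerable handler: trusts the client-supplied flag byte, so an HTML page
// requested with the raw flag is served unrewritten from the proxy origin.
function handleRequestVulnerable(path) {
  const req = decodeProxiedPath(path);
  if (!req) return { status: 404, body: "" };
  const res = fetchOrigin(req.url);
  const body = req.flag === FLAG_REWRITE ? rewriteHtml(res.body) : res.body;
  return { status: 200, body };
}

// Hardened handler: the decision comes from the response content type, never
// from the client-controlled byte, and unknown flag values are rejected.
function handleRequestHardened(path) {
  const req = decodeProxiedPath(path);
  if (!req || (req.flag !== FLAG_REWRITE && req.flag !== FLAG_RAW)) {
    return { status: 400, body: "" };
  }
  const res = fetchOrigin(req.url);
  const body = res.contentType.startsWith("text/html")
    ? rewriteHtml(res.body)
    : res.body;
  return { status: 200, body };
}

// Scenario: a page script flips the first byte of an encoded path and loads
// it; compare what each handler serves.
function demo() {
  const target = "http://intranet.example.test/index.html";
  const normal = encodeProxiedPath(target);
  const tampered =
    PROXY_PREFIX + FLAG_RAW + normal.slice(PROXY_PREFIX.length + 1);
  return {
    normal: handleRequestVulnerable(normal).body,
    vulnerable: handleRequestVulnerable(tampered).body,
    hardened: handleRequestHardened(tampered).body,
  };
}

console.log(demo());
```

The encoding itself is not the defence: ROT13 is reversible by anyone, so the only thing that keeps remote script out of the proxy origin is an unconditional rewrite of every active-content response, decided server-side from what was actually fetched.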
Vulnerability : CVE-2009-1203
An HTML page can contain a link to an FTP or CIFS site that requests authentication. When the victim clicks this link, a dialog box appears. This window resembles the proxy's own authentication window, which can deceive the victim into entering the proxy login and password.
Severity: 2/4.
Identifiers: 18536, BID-35475, CSCsy80709, CVE-2009-1203.
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.