| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability announce CVE-2009-1201 CVE-2009-1202 CVE-2009-1203
Cisco ASA: vulnerabilities of the Web VPN
Synthesis of the vulnerability
| An attacker can use three vulnerabilities of the Web VPN of Cisco ASA in order to execute JavaScript code or to obtain authentication credential. |
Severity: 2/4.
Creation date: 24/06/2009.
|
Impacted products
Description of the vulnerability
Three vulnerabilities were announced in Cisco ASA Web VPN, Clientless SSL VPN.
An attacker can create an HTML page containing a function stored in the CSCO_WebVPN['process'] variable. The csco_wrap_js() JavaScript function then calls attacker's function, and its code runs in the context of the web proxy. [severity:2/4; 18373, BID-35476, CERTA-2009-AVI-260, CSCsy80694, CVE-2009-1201, >]
The proxy changes urls using a ROT13 encoding. However, if a script changes the first byte, the returned page is not rewritten, and the JavaScript code it contains is thus executed in the context of the proxy. [severity:2/4; 18442, BID-35480, CSCsy80705, CVE-2009-1202, >]
An HTML page can contain a link to a FTP of CIFS site requesting an authentication. When the victim clicks on this link, a dialog box appears. However, this window is similar to the proxy authentication window, which can deceive the victime and invite him to enter his proxy login and password. [severity:2/4; 18536, BID-35475, CSCsy80709, CVE-2009-1203, >] |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Cisco ASA: vulnerabilities of the Web VPN.
Keywords: 18373 18442 18536 ASA CERTA-2009-AVI-260 CIFS CSCO_WebVPN CSCsy80694 CSCsy80705 CSCsy80709 Cisco Clientless FTP HTML JavaScript ROT13 SSL VPN Web csco_wrap_js vulnerabilities.
Identifiers: 18373, 18442, 18536, BID-35474, BID-35475, BID-35476, BID-35480, CERTA-2009-AVI-260, CSCsy80694, CSCsy80705, CSCsy80709, CVE-2009-1201, CVE-2009-1202, CVE-2009-1203, TWSL2009-002, VIGILANCE-VUL-8822.
|
Information sources
Solutions for this vulnerability
Supplements
Vulnerability : CVE-2009-1201
An attacker can create an HTML page containing a function stored in the CSCO_WebVPN['process'] variable. The csco_wrap_js() JavaScript function then calls attacker's function, and its code runs in the context of the web proxy.
Severity: 2/4.
Identifiers: 18373, BID-35476, CERTA-2009-AVI-260, CSCsy80694, CVE-2009-1201.
|
|
Vulnerability : CVE-2009-1202
The proxy changes urls using a ROT13 encoding. However, if a script changes the first byte, the returned page is not rewritten, and the JavaScript code it contains is thus executed in the context of the proxy.
Severity: 2/4.
Identifiers: 18442, BID-35480, CSCsy80705, CVE-2009-1202.
|
|
Vulnerability : CVE-2009-1203
An HTML page can contain a link to a FTP of CIFS site requesting an authentication. When the victim clicks on this link, a dialog box appears. However, this window is similar to the proxy authentication window, which can deceive the victime and invite him to enter his proxy login and password.
Severity: 2/4.
Identifiers: 18536, BID-35475, CSCsy80709, CVE-2009-1203.
|
|
Computer vulnerabilities tracking service
Vigil@nce provides a network vulnerability alert. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system.
|
