The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Websense TRITON AP-WEB: nine vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Websense TRITON AP-WEB.
Vulnerable systems: TRITON AP-WEB, Websense Web Filter, Websense Web Security.
Severity of this threat: 3/4.
Number of vulnerabilities in this bulletin: 9.
Creation date: 19/03/2015.
References of this weakness: APP-3494, CVE-2014-3566, CVE-2014-6271, CVE-2014-9711, CVE-2015-2703, CVE-2015-2746, CVE-2015-2748, CVE-2015-2761, CVE-2015-2762, DSS-7910, EI-2301, EI-2465, EI-2529, EI-2970, VIGILANCE-VUL-16418, WCG-2132, WCG-2301, WCG-2347, WCG-2589, WSE-3881, WSE-4219, WSE-4308, WSE-4322, WSE 4544, WSE-4723, WSE-5122.

Description of the vulnerability

Several vulnerabilities were announced in Websense TRITON AP-WEB.

An attacker can trigger a Cross Site Scripting in TRITON UI Exceptions and Scanning Exceptions, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2015-2761, WSE-5122]

An attacker can enumerate Windows Domain users. [severity:2/4; CVE-2015-2762, WCG-2589]

An attacker, located as a Man-in-the-Middle, can decrypt an SSL 3.0 session, in order to obtain sensitive information (VIGILANCE-VUL-15485). [severity:2/4; CVE-2014-3566, DSS-7910, EI-2301, EI-2970, WCG-2301, WCG-2347, WSE 4544, WSE-4723]

An attacker can trigger a Cross Site Scripting in Content Gateway Error Messages, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-9711, CVE-2015-2703, EI-2465, EI-2529, WCG-2132]

An attacker can access Apache directories, in order to obtain sensitive information. [severity:2/4; CVE-2015-2748, WSE-4322]

An attacker can trigger a Cross Site Scripting in Block Pages, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-9711, CVE-2015-2703, WSE-4308]

An attacker can trigger a Cross Site Scripting in Job Queue, in order to execute JavaScript code in the context of the web site. [severity:2/4; CVE-2014-9711, CVE-2015-2703, WSE-3881]

An attacker can define a special environment variable, which is transmitted (via CGI or OpenSSH, for example) to bash, in order to execute code (VIGILANCE-VUL-15399). [severity:3/4; CVE-2014-6271, WSE-4219]
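The bash item above (CVE-2014-6271) reaches bash because a CGI handler copies request headers into environment variables such as HTTP_USER_AGENT, HTTP_REFERER and QUERY_STRING. A defender can therefore spot probing attempts in ordinary web server logs by looking for the bash function-definition marker in those header-derived fields. The following detector is an added example written for this page, not code from Vigil@nce or Websense; it assumes the Apache "combined" log format and runs over constructed sample lines embedded below.

```python
import re
from typing import Dict, List, Optional

# Apache "combined" log format (assumed for this example):
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED_LOG = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Detection signature: a bash function definition "() { ... };" followed by
# trailing text. Unpatched bash kept interpreting what follows the closing
# brace, which is the defect behind CVE-2014-6271. The same marker is used by
# widely published IDS rules for this vulnerability.
SHELLSHOCK_MARKER = re.compile(r"\(\)\s*\{[^}]*\}\s*;")

# Log fields that a CGI handler exports to the environment (request line
# feeds QUERY_STRING, the headers feed HTTP_REFERER and HTTP_USER_AGENT).
ENV_FIELDS = ("req", "referer", "ua")


def parse_combined(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format line into named fields; None if it does not parse."""
    m = COMBINED_LOG.match(line)
    return m.groupdict() if m else None


def find_shellshock_probes(lines: List[str]) -> List[Dict[str, str]]:
    """Return one record per log line whose header-derived fields carry the marker."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        rec = parse_combined(line)
        if rec is None:
            continue  # unparseable lines are skipped, not treated as hits
        for field in ENV_FIELDS:
            if SHELLSHOCK_MARKER.search(rec[field]):
                hits.append({"ip": rec["ip"], "ts": rec["ts"],
                             "field": field, "value": rec[field]})
                break  # one alert per line is enough
    return hits


# Constructed sample log lines (hypothetical hosts from documentation ranges).
SAMPLE_LOG = [
    '203.0.113.7 - - [19/Mar/2015:10:00:01 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [19/Mar/2015:10:00:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :;}; echo SHELLSHOCK-TEST"',
    '198.51.100.4 - - [19/Mar/2015:10:01:12 +0000] "GET /index.html HTTP/1.1" 200 2048 "() { :; }; echo SHELLSHOCK-TEST" "curl/7.38"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for hit in find_shellshock_probes(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} marker in {hit["field"]}: {hit["value"]}')
```

Only the header-derived fields are inspected, so a benign request line is never flagged on its own; a hit in the referer field is reported just like one in the user-agent, since both end up in the CGI environment. Feed real access logs through find_shellshock_probes to triage which hosts were probed before the 7.8.4 Hotfix 02 or 8.0 update was applied.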

An attacker can trigger a Cross Site Request Forgery in V-Series Appliances, in order to force the victim to perform operations. [severity:2/4; APP-3494, CVE-2015-2746]

This bulletin concerns software or systems such as TRITON AP-WEB, Websense Web Filter and Websense Web Security.

Our Vigil@nce team rated the severity of this bulletin as important.

The trust level is "confirmed by the vendor", and the information originates from a vendor document.

This bulletin covers 9 vulnerabilities.

A proof of concept or an attack tool is available, so your teams must process this alert. An attacker with technician-level skill can exploit this weakness.

Solutions for this threat

Websense TRITON AP-WEB: version 8.0.
Version 8.0 is fixed:
  http://www.websense.com/

Websense Web Security: version 7.8.4 Hotfix 02.
Version 7.8.4 Hotfix 02 is fixed:
  http://www.websense.com/
