Top Five Web Application Vulnerabilities 6/08/09 - 6/23/09

1) F5 Networks FirePass SSL VPN Unspecified Cross-Site Scripting Vulnerability


F5 Networks FirePass SSL VPN is susceptible to a Cross-Site Scripting vulnerability.  If successful, Cross-Site Scripting can be exploited to manipulate or steal cookies, create requests that can be mistaken for those of a valid user, compromise confidential information, or execute malicious code on end user systems. An update which resolves this issue has been released. Contact the vendor for more details.


http://www.securityfocus.com/bid/35312


2) ModSecurity SQL Injection Rule Security Bypass Vulnerability


ModSecurity is susceptible to a SQL Injection rule security bypass vulnerability due to improper validation of user-supplied input.  An attacker can leverage this to bypass security restrictions and perform a number of web-application attacks.  A fix has not yet been released. Contact the vendor for additional information.


http://www.securityfocus.com/bid/35323


3) Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability


Apache Tomcat is susceptible to an information disclosure vulnerability. Successful exploitation would give an attacker access to sensitive information which could likely be used to conduct more damaging attacks. Updates which resolve this issue have been released. Contact the vendor for further information.


http://www.securityfocus.com/bid/35263


4) FireStats 'firestats-wordpress.php' Remote File Include Vulnerability


FireStats is susceptible to a remote file include vulnerability due to improper validation of user-supplied input. Successful exploitation could lead to a complete compromise of the application and underlying system.  The latest version (1.6.2) resolves this issue. Contact the vendor for more information.


http://www.securityfocus.com/bid/35367


5) Kerio MailServer WebMail Cross Site Scripting Vulnerability


Kerio MailServer WebMail is susceptible to a Cross-Site Scripting vulnerability. Cross-Site Scripting occurs when dynamically generated web pages display user input, such as login information, that is not properly validated, allowing an attacker to embed malicious scripts into the generated page and then execute the script on the machine of any user that views the site.  Updates which resolve this issue have been released. Contact the vendor for further details.


http://www.securityfocus.com/bid/35264


 


 


 

Comments
Wh1t3Rabbit | ‎06-24-2009 09:32 PM

#1 is an epic vulnerability.  With an SSL VPN, if you steal the "session" then you've now got a valid VPN tunnel in most cases... - hopefully that's not the case here but I wouldn't hold my breath.

... who said XSS isn't deadly?

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.