
Juniper Secure Access Cross Site Scripting
Posted Mar 6, 2010
Authored by Logica

Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.

tags | advisory, xss
systems | juniper
SHA-256 | 0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4ee



The Juniper Secure Access (SA) web interface allows users to manage the
bookmarks on their landing page. This bookmark management functionality
does not filter user input properly and can allow cross site scripting.

Upon modification or creation of a bookmark, the editbk.cgi script is
requested with a parameter named "row". This parameter identifies the
bookmark in question and its value is used in the server response. It is a
flaw in the input handling of this "row" parameter that makes the appliance
vulnerable to a cross site scripting attack.
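As an added illustration (not Logica's or Juniper's code), a hypothetical stand-in for a CGI handler that echoes the "row" value into its response, its hardened counterpart, and a log check that flags editbk.cgi requests whose "row" value is not a numeric bookmark id. The HTML markup, the URL path and the access-log lines are constructed assumptions.

```python
import html
import re
from urllib.parse import parse_qs, urlparse

# A bookmark row is assumed to be a small integer id; anything else is
# not a value the legitimate bookmark editor would ever send.
ROW_RE = re.compile(r"[0-9]{1,6}")


def is_valid_row(row: str) -> bool:
    return ROW_RE.fullmatch(row) is not None


def render_vulnerable(query_string: str) -> str:
    """Hypothetical unsafe handler: reflects "row" verbatim into an attribute."""
    row = parse_qs(query_string).get("row", [""])[0]
    return f'<input type="hidden" name="row" value="{row}">'


def render_fixed(query_string: str) -> str:
    """Hardened handler: validate the expected shape, then encode anyway."""
    row = parse_qs(query_string).get("row", [""])[0]
    if not is_valid_row(row):
        raise ValueError("row must be a numeric bookmark id")
    safe = html.escape(row, quote=True)  # encode even after validation
    return f'<input type="hidden" name="row" value="{safe}">'


# Constructed access-log sample (Common Log Format); the path prefix before
# editbk.cgi is omitted because the advisory does not state it.
SAMPLE_LOG = """\
10.0.0.5 - alice [06/Mar/2010:10:00:01 +0100] "GET /editbk.cgi?row=3 HTTP/1.1" 200 512
10.0.0.9 - bob [06/Mar/2010:10:00:07 +0100] "GET /editbk.cgi?row=3%22%3E%3Cb%3E HTTP/1.1" 200 640
10.0.0.5 - alice [06/Mar/2010:10:00:09 +0100] "GET /index.cgi HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def suspicious_editbk_requests(log_text: str) -> list:
    """Return (path, decoded row) for editbk.cgi requests with a non-numeric row."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        url = urlparse(m.group(1))
        if not url.path.endswith("editbk.cgi"):
            continue
        for row in parse_qs(url.query).get("row", []):  # parse_qs percent-decodes
            if not is_valid_row(row):
                hits.append((url.path, row))
    return hits
```

Running the unsafe handler on the second log line's query shows the quote in the decoded value closing the attribute early, which the validated and encoded version cannot do.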

Successful exploitation could allow a remote attacker to hijack an
authenticated session between a victim and the Juniper SA web interface.

Use of the Single Sign-On (SSO) feature severely increases the impact, as
SSO automatically grants the hijacked session access to other systems
(SSO is typically used in combination with Outlook Web Access, for example).


Juniper SA appliances running Juniper IVE OS 6.0 or higher


Juniper released IVE updates 6.3R7, 6.4R5 and 6.5R2 which fix this issue.
The updates and installation instructions are available for Juniper
customers on the Juniper website (note: login required).

Alternatively, the bookmark functionality can be temporarily disabled until
the Juniper update has been applied. A Juniper administrator can disable
the bookmark functionality via the Central Manager by unchecking the "User
can add bookmarks" option in the "Web" tab of the active user roles.


This vulnerability was discovered by Niels Heinen from the security testing
services team of Logica Nederland B.V.
Author: Logica Nederland B.V. ("Logica")


Logica is a business and technology service company, employing 39,000
people. We're experts in security, and have been for over 40 years. We
help our clients to succeed against their competition by providing services
others cannot deliver, securely. Creating confidence with customers,
supporting growth. Keeping their brand highly regarded in the digital
world. With a secure organisation, new ways are possible, such as using
the cloud, mobile apps, outsourcing. We also help our clients to detect
and prevent fraudulent and criminal behaviour. Creating confidence for
society that you are protecting them from the increasing global threats in
the physical and on-line world. Ensuring vital services, such as energy and
telecoms, will be delivered without disruption.


Logica is not responsible for the use of the information we provide through
the advisories. Use of the information constitutes acceptance for use in an
as-is condition. There are no warranties with regard to this information.
Neither the author nor the publisher accepts any liability for any direct,
indirect or consequential loss or damage arising from use of, or reliance
on, this information.



