This paper is the result of various security assessments performed on several CheckPoint/SofaWare firewalls in both a controlled (computer lab) and production environments during several penetration tests. Several different CheckPoint/SofaWare firewall models were purchased for testing in their computer lab. By having full access to the target devices, it becomes possible to discover new vulnerabilities that could be missed during a standard unauthenticated penetration test.
c35375f660fa53fbebaaebb25ec6173e990a9bc1e26ffd2917339ccfbf6a2454CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.
5ae76cdada41d919af4e21bd1b0d36824ad80b60a77057ebb204db615d421663HP System Management Homepage suffers from multiple cross site scripting vulnerabilities.
99f2488279fb151519b0edb33eb7e2752234eacfbf392e7175fe011728ee9565Mitel Audio and Web Conferencing version 4.4.30 suffers from multiple cross site scripting vulnerabilities.
89f24d51c3ff886d0bd19239c449f15af0c50c1c88a3ec85cd52c0e52a1fd8a2KeyFax Response Management System version 3.2.2.6 suffers from cross site scripting and information disclosure vulnerabilities.
a61a149c3434df8b6fdb5b0b31cf5a857eaa9a52d5b3e26a7f96a758867acfd8BMC Dashboards version 7.6.01 suffers from cross site scripting and arbitrary file reading vulnerabilities.
94e598cb8a417f4029046945b2b6cbe27cca569b5151f8df4790880703c96972BMC Remedy Knowledge Management version 7.5.00 suffers from authentication bypass and cross site scripting vulnerabilities.
d356dd4cf96a5d6f7f2a2ab438039bdf3b5378931ce917cdfbaf91429aab6d07Adobe ColdFusion suffers from multiple cross site scripting and information disclosure vulnerabilities in the administration console.
d873c49e2d5b51031c48ef05bac08618d85d900ad26132a94d2342aa6e42ee80The WordPress Viva Thumbs add-on suffers from a directory traversal vulnerability.
e0129edf99ac555bc7e005155bad8318e57f383b886ea7b15325a3c2f6908bfbMitel's AWC (Mitel Audio and Web Conferencing) suffers from an unauthenticated remote command execution vulnerability.
d8ebd53382f1971b52183a49644b0acc8ffacacf752faf70fcaba699b9613c61PHP Universal Web Messenger suffers from a cross-domain redirect vulnerability.
3d11a6d4f9d5cdf42c90ac17922caf1bba35357aa4b5bbdfd7e1d98500977074BlogCFC suffers from multiple cross site scripting vulnerabilities.
4a5f358eaed72d5ca282ae8e50804475f5e28c6ce5892b58a294a6f1fbd50ecaMura CMS version 5.2.2085 suffers from multiple cross site scripting vulnerabilities.
9d4bb82fb22f559637164afc13054f172d012612b19b9a0b1fbc6c059f0d39aaThe HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. Versions 3.0.0.68, 3.0.2.77 and 6.1.0.103 have all been found affected.
53a9041c70d9e51c0569b7768b8ae8e00a154b6d73b60ce6004bc7053e66c59dDotNetNuke CMS suffers from a cross site scripting vulnerability.
e2cee82f66c17ce4cc491e556a580f9bf0bb2e17c96c5440ce18037d77ac55b8The Adobe Coldfusion administration console suffers from a traversal vulnerability that allows for unauthenticated file retrieval.
59cbe441b1cfdd493b736961317513e747a4567e06054074f35b525e6cd63aedProcheckup has found by making a malformed request to the Juniper IVE Web interface without authentication, that a vanilla cross site scripting (XSS) attack is possible.
b19b3cf027c13feb0c9453befa1a1695ad3c71996e2d1625b3489dfef480afbaThere are multiple authenticated Cross-site Scripting vulnerability on Junipers, IVE web interface. Procheckup has found by making a malformed authenticated request to the IVE Web interface, that vanilla cross site scripting (XSS) attacks are possible.
326494fa568636de33e0f91b5754e4162844799a25a06bf6b2e512036e7a8781The Apache Axis2 administration console version 1.4.1 suffers from a cross site scripting vulnerability.
ed58940ac4538c0cd3fe086d4b9d9375b502074e41a4c5e2e8c33d83524a35ab3Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Various IMC pages are vulnerable to a reflective XSS attack, including the login page. Various pages also disclose information including the SQL sa account password which might be used to assist in carrying out further attacks.
14a0d934e67f92397613f7bba706a6ee6f5fb1c8d47058c1d6c0df0cd0fa51c23Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Procheckup has discovered that the IMC management console is vulnerable to an unauthenticated directory traversal attack within the reporting functionality.
6192a54caa6b9d2367e3f0145e14d891d023f72d8b43f7842e66482213d45191Portwise SSL VPN version 4.6 suffers from a cross site scripting vulnerability.
d9b96b55dfa2056ae70f1178f252fe1ab57454ee9e6be79fb320310542a95c6aCommonSpot Server suffers from a cross site scripting vulnerability.
df67dfe5debcbb27e0fef223695bfa6598ccdaa78f99196c76f1ec8693d28f42HP System Management
ddcc79a177acbbd59d6d2d079154c3d46d3fcfdbb7f16e567efe08e109ead8d5Novell GroupWise WebAccess suffers from a cross site scripting vulnerability. Version 7.0.3 is affected.
8348d6de98893f1fbe8f491cb7e3dbf8a1f1b7c208a476cf8a27a8b3c4e972c9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed