This paper is the result of various security assessments performed on several CheckPoint/SofaWare firewalls in both a controlled (computer lab) and production environments during several penetration tests. Several different CheckPoint/SofaWare firewall models were purchased for testing in their computer lab. By having full access to the target devices, it becomes possible to discover new vulnerabilities that could be missed during a standard unauthenticated penetration test.
c35375f660fa53fbebaaebb25ec6173e990a9bc1e26ffd2917339ccfbf6a2454CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.
5ae76cdada41d919af4e21bd1b0d36824ad80b60a77057ebb204db615d421663HP System Management Homepage suffers from multiple cross site scripting vulnerabilities.
99f2488279fb151519b0edb33eb7e2752234eacfbf392e7175fe011728ee9565Mitel Audio and Web Conferencing version 4.4.30 suffers from multiple cross site scripting vulnerabilities.
89f24d51c3ff886d0bd19239c449f15af0c50c1c88a3ec85cd52c0e52a1fd8a2KeyFax Response Management System version 3.2.2.6 suffers from cross site scripting and information disclosure vulnerabilities.
a61a149c3434df8b6fdb5b0b31cf5a857eaa9a52d5b3e26a7f96a758867acfd8BMC Dashboards version 7.6.01 suffers from cross site scripting and arbitrary file reading vulnerabilities.
94e598cb8a417f4029046945b2b6cbe27cca569b5151f8df4790880703c96972BMC Remedy Knowledge Management version 7.5.00 suffers from authentication bypass and cross site scripting vulnerabilities.
d356dd4cf96a5d6f7f2a2ab438039bdf3b5378931ce917cdfbaf91429aab6d07Adobe ColdFusion suffers from multiple cross site scripting and information disclosure vulnerabilities in the administration console.
d873c49e2d5b51031c48ef05bac08618d85d900ad26132a94d2342aa6e42ee80The WordPress Viva Thumbs add-on suffers from a directory traversal vulnerability.
e0129edf99ac555bc7e005155bad8318e57f383b886ea7b15325a3c2f6908bfbBlogCFC suffers from multiple cross site scripting vulnerabilities.
4a5f358eaed72d5ca282ae8e50804475f5e28c6ce5892b58a294a6f1fbd50ecaMura CMS version 5.2.2085 suffers from multiple cross site scripting vulnerabilities.
9d4bb82fb22f559637164afc13054f172d012612b19b9a0b1fbc6c059f0d39aaDotNetNuke CMS suffers from a cross site scripting vulnerability.
e2cee82f66c17ce4cc491e556a580f9bf0bb2e17c96c5440ce18037d77ac55b8The Adobe Coldfusion administration console suffers from a traversal vulnerability that allows for unauthenticated file retrieval.
59cbe441b1cfdd493b736961317513e747a4567e06054074f35b525e6cd63aedProcheckup has found by making a malformed request to the Juniper IVE Web interface without authentication, that a vanilla cross site scripting (XSS) attack is possible.
b19b3cf027c13feb0c9453befa1a1695ad3c71996e2d1625b3489dfef480afbaThere are multiple authenticated Cross-site Scripting vulnerability on Junipers, IVE web interface. Procheckup has found by making a malformed authenticated request to the IVE Web interface, that vanilla cross site scripting (XSS) attacks are possible.
326494fa568636de33e0f91b5754e4162844799a25a06bf6b2e512036e7a8781The Apache Axis2 administration console version 1.4.1 suffers from a cross site scripting vulnerability.
ed58940ac4538c0cd3fe086d4b9d9375b502074e41a4c5e2e8c33d83524a35ab3Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Various IMC pages are vulnerable to a reflective XSS attack, including the login page. Various pages also disclose information including the SQL sa account password which might be used to assist in carrying out further attacks.
14a0d934e67f92397613f7bba706a6ee6f5fb1c8d47058c1d6c0df0cd0fa51c23Com's iMC (Intelligent Management Centre) provides professional management of 3Com and third party network devices, the IMC is normally accessed using a web browser over port 8080. Procheckup has discovered that the IMC management console is vulnerable to an unauthenticated directory traversal attack within the reporting functionality.
6192a54caa6b9d2367e3f0145e14d891d023f72d8b43f7842e66482213d45191CommonSpot Server suffers from a cross site scripting vulnerability.
df67dfe5debcbb27e0fef223695bfa6598ccdaa78f99196c76f1ec8693d28f42SAP BusinessObjects version 12 suffers from multiple cross site scripting vulnerabilities.
085ac75868915cdcd505723a58a8951419e5f53a87bd76e3d537fde452b51eecHP System Management
ddcc79a177acbbd59d6d2d079154c3d46d3fcfdbb7f16e567efe08e109ead8d5The Orion application server version 2.0 through 2.0.8 suffer from cross site scripting vulnerabilities.
785bd9d3ce450fcd5fded927dcadc6d6494e90bb158d98d343a0b0e06aff6208The perl-status utility as included with Mod_perl suffers from a cross site scripting vulnerability.
de439bb421e77dc689929ce1ef77502f19c9bc54c7d2836c7d566630c8db74c5Novell GroupWise WebAccess suffers from a cross site scripting vulnerability. Version 7.0.3 is affected.
8348d6de98893f1fbe8f491cb7e3dbf8a1f1b7c208a476cf8a27a8b3c4e972c9An unauthenticated file retrieval vulnerability exists on the Sun Java System Identity Manager.
b9cdf1803245bb22824bf0f94a63052849f94ebcd387e642343d714cc5063316
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed