---------------------------------------------------------------------- Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more: http://secunia.com/advisories/business_solutions/ ---------------------------------------------------------------------- TITLE: Cisco IronPort Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA33479 VERIFY ADVISORY: http://secunia.com/advisories/33479/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: >From remote OPERATING SYSTEM: Cisco IronPort Encryption Appliance 6.x http://secunia.com/advisories/product/20990/ SOFTWARE: Cisco IronPort PostX 6.x http://secunia.com/advisories/product/20991/ DESCRIPTION: Some vulnerabilities have been reported in Cisco IronPort products, which can be exploited by malicious people to disclose sensitive information or conduct cross-site request forgery attacks. 1) A logic error in the IronPort Encryption Appliance can be exploited to obtain the unique, per-message decryption key and disclose the content of a secure email message. 2) An unspecified error can be exploited to disclose the message content and the user's credentials by intercepting a secure email message or sending a forged copy of the email message. Successful exploitation of these vulnerabilities requires that an attacker has been able to intercept a secure email message. 3) The web-based administration interface allows user to perform certain actions via HTTP request without performing any validity checks to verify the requests. This can be exploited to e.g. modify a user's preference settings, including the user name and the personal security pass phrase, when a logged in user visits a specially crafted web page. The vulnerabilities are reported in the following versions: * PostX 6.2.1 versions prior to 6.2.1.1 * PostX 6.2.2 versions prior to 6.2.2.3 * IronPort Encryption Appliance/PostX 6.2.4 versions prior to 6.2.4.1.1 * IronPort Encryption Appliance/PostX 6.2.5 versions * IronPort Encryption Appliance/PostX 6.2.6 versions * IronPort Encryption Appliance/PostX 6.2.7 versions prior to 6.2.7.7 * IronPort Encryption Appliance 6.3 versions prior to 6.3.0.4 * IronPort Encryption Appliance 6.5 versions prior to 6.5.0.2 SOLUTION: The vendor has released patches. Please contact the IronPort technical support. http://www.ironport.com/support/contact_support.html PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits J.B. Snyder of Brintech ORIGINAL ADVISORY: Cisco (cisco-sa-20090114-ironport): http://www.cisco.com/en/US/products/products_security_advisory09186a0080a5c4f7.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------