----------------------------------------------------------------------

Do you have a VARM strategy implemented?
(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability
intelligence source on the market.

Implement it through Secunia.

For more information visit:
http://secunia.com/advisories/business_solutions/

Alternatively, request a call from a Secunia representative today to
discuss how we can help you with our capabilities. Contact us at:
sales@secunia.com

----------------------------------------------------------------------

TITLE:
Cisco ASA WebVPN Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA35511

VERIFY ADVISORY:
http://secunia.com/advisories/35511/

DESCRIPTION:
Some vulnerabilities and a security issue have been reported in Cisco
Adaptive Security Appliance (ASA), which can be exploited by malicious
people to conduct cross-site scripting and spoofing attacks.

1) Input passed within web pages is not properly sanitised before being
used in a call to eval() in the context of the VPN web portal. This can
be exploited to execute arbitrary HTML and script code in a user's
browser session in the context of the WebVPN.

2) Input passed via ROT13-encoded query parameters to the VPN web portal
is not properly sanitised before being used. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
the context of the VPN web portal.

3) A security issue exists in the handling of Common Internet File
System (CIFS) and FTP shares in the SSL VPN feature. This can be
exploited to conduct spoofing attacks and potentially disclose the
user's credentials if a user follows a specially crafted link.

The vulnerabilities are reported in versions prior to 8.0.4(34),
8.1.2(25), and 8.2.1(3) that are configured to accept Clientless SSL VPN
connections.

SOLUTION:
Update to version 8.0.4(34), 8.1.2(25), or 8.2.1(3).
http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT

PROVIDED AND/OR DISCOVERED BY:
David Byrne, Trustwave's SpiderLabs

ORIGINAL ADVISORY:
Cisco:
http://tools.cisco.com/security/center/viewAlert.x?alertId=18373
http://tools.cisco.com/security/center/viewAlert.x?alertId=18442
http://tools.cisco.com/security/center/viewAlert.x?alertId=18536

Trustwave:
https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------
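Items 1 and 2 above describe the two XSS vectors: user input reaching eval(), and input hidden behind a ROT13 layer that a screen on the raw query string never sees. The following is an added example, not code from Cisco, Secunia or Trustwave, showing why a defender's request inspection must peel the encoding layer before screening, and how the value should be rendered instead of evaluated. Parameter names and the sample query are constructed for illustration.

```javascript
// Added example (not from the advisory): ROT13-aware request screening and
// safe rendering for a web portal. Parameter names here are assumptions.

// ROT13 is an involution: applying it twice restores the original text.
function rot13(s) {
  return s.replace(/[a-zA-Z]/g, (c) => {
    const base = c <= 'Z' ? 65 : 97;
    return String.fromCharCode(((c.charCodeAt(0) - base + 13) % 26) + base);
  });
}

// Markup screen: named tags, event handlers and javascript: URLs.
// ROT13 maps "script" to "fpevcg", so this never fires on the encoded form.
const MARKUP =
  /<\s*\/?\s*(script|img|iframe|svg|object|embed|body|a)\b|javascript:|\bon(load|error|click|mouseover|focus)\s*=/i;
function looksLikeMarkup(value) {
  return MARKUP.test(value);
}

// Inspect every parameter twice: as URL-decoded, and after ROT13 decoding,
// so a value whose markup only appears once decoded is still reported.
function screenQuery(queryString) {
  const findings = [];
  for (const [name, raw] of new URLSearchParams(queryString)) {
    if (looksLikeMarkup(raw)) findings.push({ name, layer: 'raw' });
    else if (looksLikeMarkup(rot13(raw))) findings.push({ name, layer: 'rot13' });
  }
  return findings;
}

// Safe rendering: HTML-escape the decoded value; never hand it to eval().
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed sample: a benign parameter plus one whose ROT13 layer hides a tag.
const sampleQuery =
  'page=home&title=' + encodeURIComponent(rot13('<script>x</script>'));
```

A raw-only screen reports nothing for `sampleQuery`; decoding the ROT13 layer first is what surfaces the `title` parameter.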