Search This Blog

Wednesday, July 11, 2007

[REVS] Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities (Part One)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html


- - - - - - - - -

Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities
(Part One)
------------------------------------------------------------------------


SUMMARY

Several security vulnerabilities have been found in ISS's Proventia
appliance, these vulnerabilities allow remote attackers to cause cross
site scripting vulnerabilities in their user interface, cause the PHP
scripts running on the server to include remote files as well as due to
the usage of old OpenSSH (and in compatibility mode) to allow brute
forcing of usernames and passwords with a timing attack.

DETAILS

Introduction:
Proventia Network IPS (Intrusion Prevention System) and IDS (Intrusion
Detection System) stops malicious Internet attacks before they impact your
organization, the only effective way to preserve network availability,
reduce the burden on your IT resources and prevent security breaches.

This document presents a couple of ideas for exploiting weaknesses in
typical (local and remote) box configurations appliance, the second part
will be related SITE PROTECTOR and administration vulnerabilities.

The paper is based on the bypassing of filtration of a common web
application security hole known as XSS(Cross site scripting), RFI (Remote
File Inclusion) and common attacks on services / ports.


ADDITIONAL INFORMATION

The information has been provided by <mailto:ahernandez@sybsecurity.com>
Alex Hernandez.
The original article can be found at:
<http://www.sybsecurity.com/hack-proventia-1.pdf>

http://www.sybsecurity.com/hack-proventia-1.pdf

========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)