Symantec Gateway Security Management Service XSS

2004-02-27T16:12:53
ID OSVDB:4706
Type osvdb
Reporter Brian J. Soby(brian_j_soby@raytheon.com)
Modified 2004-02-27T16:12:53

Description

Vulnerability Description

Symantec Gateway Security's management service contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate URLs before returning it in an error message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability.

Short Description

Symantec Gateway Security's management service contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate URLs before returning it in an error message. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

https://[victim]:2456/sgmi/<script>evil</script>

References:

Vendor URL: http://enterprisesecurity.symantec.com/products/products.cfm?ProductID=133 Vendor Specific Solution URL: http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_2_5400/files.html Vendor Specific Advisory URL Security Tracker: 1009231 Mail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107790684732458&w=2 Keyword: SYM04-003 ISS X-Force ID: 15330 CVE-2004-0192 Bugtraq ID: 9755