Multiple Vendor Web Console Privilege Escalation Vulnerability

ID ZDI-07-080
Type zdi
Reporter Anonymous
Modified 2010-11-09T00:00:00


This vulnerability allows attackers to execute arbitrary code on vulnerable installations of TippingPoint IPS and Juniper ScreenOS. Authentication is required to exploit this vulnerability.

The specific flaw exists in the web-based administrative console of the affected devices. Unprivileged users with read only permissions are not presented with restricted functionality such as the ability to modify users, device configuration or reboot the device. However, no check is made on the back end to prevent unprivileged users from accessing these resources. By manually generating requests to administrative components, privilege restrictions are easily bypassed.