===========================================================================
                AUSCERT Security Bulletin ASB-2012.0092
     Juniper Mobility System Software (MSS) web portal WebAAA
                    cross-site scripting (XSS)
                           20 June 2012
===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Juniper Mobility System Software
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Cross-site Scripting -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2012-1038
Member content until: Friday, July 20 2012

OVERVIEW

        Craig Lambert, of Dell SecureWorks, discovered a cross-site
        scripting vulnerability in the web portal (WebAAA) of Juniper
        Networks Mobility System Software (MSS). Proof of concept code
        is publicly available. [1]

IMPACT

        There is no publicly available information on the Juniper
        website; however, Dell SecureWorks has provided details on
        their website:

        "A vulnerability exists in the WebAAA login function for
        versions prior to 7.6.3 and 7.7.1 due to insufficient input
        validation of arbitrary URL parameters. Successful exploitation
        may aid an attacker in retrieving session cookies, stealing
        recently submitted data, or launching further attacks." [1]

MITIGATION

        The vulnerability is fixed in versions 7.6.3 and 7.7.1,
        available from the Juniper website (login required). [2]

REFERENCES

        [1] Juniper Mobility System Software (MSS) web portal WebAAA
            cross-site scripting (XSS)
            http://www.secureworks.com/advisories/swrx-2012-004/SWRX-2012-004.pdf

        [2] Juniper Mobility System Software (MSS): Parameter is not
            properly sanitized allowing XSS (PSN-2012-06-611)
            http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-06-611&viewMode=view

AusCERT has made every effort to ensure that the information contained in
this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision
to follow or act on information or advice contained in this security
bulletin is the responsibility of each user or organisation, and should be
considered in accordance with your organisation's site policies and
procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
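The class of bug the IMPACT section describes is a login page that reflects URL parameters into its HTML without validation or encoding. The following is an added illustration, not code from Juniper, Dell SecureWorks or AusCERT: a hypothetical portal renderer in its unsafe and hardened forms, with a check a reviewer or regression test can run. The parameter names (msg, nexturl) and allowed host are assumptions, since the advisory does not name the affected parameters.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed sample query string: one markup value and one redirect target
# that closes the attribute it is reflected into ('"><marker>' is a probe,
# not a payload). Parameter names are hypothetical.
SAMPLE_QUERY = 'user=alice&msg=<b>Welcome</b>&nexturl=http://intranet/"><marker>'


def _params(query: str) -> dict:
    """First value of each query parameter, blanks kept."""
    return {k: v[0] for k, v in parse_qs(query, keep_blank_values=True).items()}


def render_login_unsafe(query: str) -> str:
    """Insecure pattern: URL parameters are copied into HTML verbatim."""
    p = _params(query)
    return (f'<p>{p.get("msg", "")}</p>'
            f'<input type="hidden" name="nexturl" value="{p.get("nexturl", "")}">')


def is_safe_redirect(url: str, allowed_hosts=("portal.example.internal",)) -> bool:
    """Allow-list check for a post-login redirect: same-site path or known host."""
    parts = urlsplit(url)
    if parts.scheme == "" and parts.netloc == "":
        return url.startswith("/") and not url.startswith("//")
    return parts.scheme in ("http", "https") and parts.netloc in allowed_hosts


def render_login_safe(query: str) -> str:
    """Hardened: validate the redirect target, then HTML-escape every reflected
    value for the context it lands in (element body and quoted attribute)."""
    p = _params(query)
    msg = html.escape(p.get("msg", ""), quote=True)
    nexturl = p.get("nexturl", "")
    if not is_safe_redirect(nexturl):
        nexturl = "/"  # fall back to the portal root rather than reflecting it
    return (f'<p>{msg}</p>'
            f'<input type="hidden" name="nexturl" value="{html.escape(nexturl, quote=True)}">')


def reflects_unescaped(page: str, value: str) -> bool:
    """Regression check: does the raw parameter value appear verbatim in the page?"""
    return value in page
```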