Knowledge Search


×
 

Cross-site Scripting (XSS) vulnerability in ScreenOS Software


  [JSA10388] Show Article Properties


Legacy Advisory Id:
PSN-2008-09-009
Product Affected:
NetScreen Hardware Security Client (HSC), NetScreen-5GT Series, NetScreen-25, NetScreen-50, NetScreen-200 Series, NetScreen-500, Integrated Security Gateway (ISG) 1000, ISG 1000-IDP, ISG 2000, ISG 2000-IDP, Secure Services Gateway (SSG) 5, SSG 20, SSG 140, SSG-320M, SSG-350M, SSG 500-Series, and NetScreen-5000 Series.
Problem:

Juniper Firewall/IPSec VPN platforms that run ScreenOS software are protected against most XSS attacks. The WebUI event logs were vulnerable to XSS poisoning from failed logon attempts due to lack of protection against a certain type of encoding.

Juniper would like to thank Deral Heiland from Layered Defense Research for discovering and reporting this issue to Juniper's SIRT Team.

Solution:

ScreenOS versions 5.4r10, 6.0r6, 6.1r2, and later revisions have been modified to eliminate this vulnerability.

Administrators can restrict administrative access in two ways in order to mitigate the attack:
1. enable manager-ip feature to allow only specific hosts/subnets to manage the device
2. disable management in untrusted zones to completely any login attempts

Implementation:

Customers running a release of ScreenOS earlier than 5.4r10, or a revision earlier than those listed above, are strongly encouraged to upgrade their software to a fixed release/revision. A new ScreenOS 5.3 version is currently being built for customers running this version and that cannot upgrade to any of the versions listed above.

In order to configure manager-ip and disable management refer to ScreenOS Concepts and Examples Guide - Vol. 3 - Administration in ScreenOS Software Documentation.

Related Links:
Severity Level:
Low
Severity Assessment:
This is a low risk vulnerability with a recommendation to upgrade as needed