Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
PR07-13: Cross-site Scripting / HTML injection on F5 FirePass 4100 SSL VPN 'download_plugin.php3' server-side script Nov 12 2007 11:04PM
research procheckup com
Date Found: 19th June 2007

Successfully tested on: version 5.5.2

F5 Networks has confirmed the following versions to be vulnerable:

FirePass versions 5.4 - 5.5.2

FirePass versions 6.0 - 6.0.1

Description:

F5 Networks FirePass 4100 SSL VPN is vulnerable to XSS within the "backurl" par...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus