BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Same-origin policy bypass vulnerabilities in several VPN products reported Dec 02 2009 11:51AM
Juha-Matti Laurio (juha-matti laurio netti fi)
Vulnerabilities in several clientless SSL VPN products have been reported.

Gathering authentication cookies etc. is reportedly possible.
At time of writing US-CERT's advisory lists the status of about 90 vendors.

US-CERT Vulnerability Note VU#261869:
http://www.kb.cert.org/vuls/id/261869
Severity ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus