Cross Site Scripting Vulnerability in CheckPoint VPN-1 UTM Edge

Number: AV08-023
Date: 07 March 2008

Purpose

The purpose of this advisory is to draw attention to a cross-site scripting vulnerability in the CheckPoint VPN-1 UTM Edge Logon Page.

Assessment

A cross-site scripting vulnerability has been identified in CheckPoint VPN-1 UTM Edge HTTP form-based authentication, which can lead to the remote execution of arbitrary code in the targeted user's web browser. Successful exploitation of this vulnerability could provide an attacker with access to potentially sensitive information, enabling additional attacks.

Note: This issue does not affect authentication over HTTPS.

Affected Products:

CheckPoint VPN-1 UTM Edge versions prior to 7.5.48

Suggested action

CCIRC recommends that administrators test and apply the latest update provided by the vendor at the earliest opportunity:

http://support.checkpoint.com/

References:

http://support.checkpoint.com/
http://www.securityfocus.com/bid/28116/discuss
http://www.louhi.fi/advisory/checkpoint_080306.txt

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca