Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17461
HistoryJul 11, 2007 - 12:00 a.m.

[REVS] Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities (Part One)

2007-07-1100:00:00
vulners.com
32
JSON

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site:
http://www.securiteam.com

    • promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

Having Fun with Sensor Appliance Proventia GX5108 and GX5008 Insecurities
(Part One)

SUMMARY

Several security vulnerabilities have been found in ISS's Proventia
appliance, these vulnerabilities allow remote attackers to cause cross
site scripting vulnerabilities in their user interface, cause the PHP
scripts running on the server to include remote files as well as due to
the usage of old OpenSSH (and in compatibility mode) to allow brute
forcing of usernames and passwords with a timing attack.

DETAILS

Introduction:
Proventia Network IPS (Intrusion Prevention System) and IDS (Intrusion
Detection System) stops malicious Internet attacks before they impact your
organization, the only effective way to preserve network availability,
reduce the burden on your IT resources and prevent security breaches.

This document presents a couple of ideas for exploiting weaknesses in
typical (local and remote) box configurations appliance, the second part
will be related SITE PROTECTOR and administration vulnerabilities.

The paper is based on the bypassing of filtration of a common web
application security hole known as XSS(Cross site scripting), RFI (Remote
File Inclusion) and common attacks on services / ports.

ADDITIONAL INFORMATION

The information has been provided by <mailto:[email protected]>
Alex Hernandez.
The original article can be found at:
<http://www.sybsecurity.com/hack-proventia-1.pdf&gt;
http://www.sybsecurity.com/hack-proventia-1.pdf

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected]
In order to subscribe to the mailing list, simply forward this email to: [email protected]

====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of
business profits or special damages.

JSON