McAfee Unified Threat Management Firewall Cross Site Scripting Issue


Description   A vulnerability has been identified in McAfee Unified Threat Management (UTM) Firewall, which could be exploited by attackers to execute arbitrary scripting code. This issue is caused by an input validation error in the web interface when processing the "page" parameter supplied via the "/cgi-bin/cgix/help" page, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected firewall.
     
Vulnerable Products   Vulnerable Software:
McAfee Unified Threat Management (UTM) Firewall firmware versions 3.0.0 through 4.0.6
     
Solution   Upgrade to McAfee UTM firmware version 4.0.7 : http://go.mcafee.com/utm
     
CVE   CVE-2010-2290
     
References   https://kc.mcafee.com/corporate/index?page=content&id=SB10010
http://ngenuity-is.com/advisories/2010/jun/9/mcafee-utm-firewall-help-cross-site-scripting/
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL
3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL
3.2.0
XSS - Phishing : suspicious 'div' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL
3.2.0
XSS - Phishing : suspicious 'a' tag found in URL
3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL
3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL
3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL
3.2.0
XSS - Phishing : suspicious 'form' tag found in URL
3.2.0
XSS - Prevention - GET : javascript code found in URL
3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL
3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL
3.2.0
XSS - Phishing : suspicious 'link' tag found in URL
3.2.0
XSS - Prevention - GET : 'script' tag found in URL
3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL
3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2010-06-10 

 Target Type 
Client 

 Possible exploit 
Local & Remote