Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Security App Flaws :: hack2665.htm

CyberGuard proxy / firewall XSS
CyberGuard proxy / firewall XSS


Vendor : CyberGuard

URL    : http://www.cyberguard.comHREF=""> 

Version: 5.1 - Other versions have not been not tested

Issue  : Cross Site Script

Impact : Low - Medium


HREF=""> Overview of product


By issuing a GET request for an invalid Internet domain name http://domain.tldHREF="http://domain.tld">http://domain.tld through the CyberGuard proxy from an internal network to the Internet, it is possible to append a basic syntax for a Cross Site Script...

For instance: Click">HREF="http://domain.tld<script>alert('test')</script>">Click here.

Variants have been tested and it is possible to also include images on the error page.

For instance: it is possible to specify an image with the <img src> tag while also specifying a Cross Site Script - in the same address <script>alert('test')</script>

Should you be 'vulnerable' to the CyberGuard proxy / firewall CSS then you should see a similar page or a variant depending on the configuaration.

As http (through the GUI) can be used as a mechanism whereby access to the the logs can be viewed, it may be possible for a miscreant to, through the usual obfuscation methods (encoding types) trick an administrator of the CyberGuard proxy / firewall into clicking on a Cross Site Script to gain privileged user credentials by specifying the (document.cookie) with a refer to a file where the user credentials can be collected for the purpose of executing by loading the credentials into the Achilies (or similar) proxy.

Note: this method of attack is yet untested.

Possible Solution:

Input validation of code executed on the CyberGuard proxy / firewall.

Configure the Cyberguard proxy / firewall so that management access can only be accessed via SSH.


See Vendor for solution.

Vendor Notification:



Everyone doing IT Security

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH