Vigil@nce: Websense Email Security, two vulnerabilities
October 2009 by Vigil@nce
An attacker can generate a Cross Site Scripting or a denial of
service in Websense Email Security Web Administrator.
– Severity: 2/4
– Consequences: client access/rights, denial of service of service
– Provenance: intranet client
– Means of attack: 2 attacks
– Ability of attacker: beginner (1/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Number of vulnerabilities in this bulletin: 2
– Creation date: 21/10/2009
IMPACTED PRODUCTS
– Websense Email Security
DESCRIPTION OF THE VULNERABILITY
The Websense Email Security Web Administrator service
(STEMWADM.EXE), which listens on port 8181/tcp, is impacted by two
vulnerabilities.
An attacker can send an HTTP query, and then close the socket
before receiving the answer, in order to stop the service.
[grav:2/4; BID-36740, CVE-2009-3749, NSOADV-2009-002]
An attacker can generate a Cross Site Scripting in the
msgAnalyse.asp, msgForwardToRiskFilter.asp, viewHeaders.asp pages,
or in the subject of an email. [grav:2/4; BID-36741,
CVE-2009-3748, NSOADV-2009-003]
CHARACTERISTICS
– Identifiers: 670921, BID-36740, BID-36741, CVE-2009-3748,
CVE-2009-3749, NSOADV-2009-002, NSOADV-2009-003, VIGILANCE-VUL-9109
– Url: http://vigilance.fr/vulnerability/Websense-Email-Security-two-vulnerabilities-9109