Information Security all in one place!

Enterasys: SecureStack Switch v6 Multiple Vulnerabilities

 

The Enterasys C5 is a scalable, high-performance Gigabit Ethernet switch offering support for IEEE 802.3at
compliant high-power PoE, flexible 10 Gigabit Ethernet options, dynamic IPv4 and IPv6 routing and enhanced
automation capabilities to provide for a future-proofed solution that significantly reduces operational
expenses for customers.

Vendor Homepage:  http://www.enterasys.com/products/security-enabled-infrastructure/securestack-cseries.aspx

Details:

Multiple persistent Input Validation vulnerabilities are detected on Enterasys SecureStack Switches Series A – C.
Local low privileged user accounts can implement/inject malicious script code to manipulate modules via persistent context
requests. When exploited by an authenticated user, the identified vulnerabilities can result in information disclosure via error,
session hijacking, access to available appliance services, manipulated persistent content execution out of the application context.

The vulnerabilities can be exploited by remote attackers with low required user inter action. For demonstration or reproduce …

Exploitation via Console:
Command#1: set vlan name 1337 <script>alert(document.cookie)</script>
Command#2: set system name http://www.vulnerability-lab.com>
Command#3: set system location “><iframe src=a onload=alert(“VL”) <
Command#4: set system contact <script>alert(‘VL’)</script>

The security risk of the persistent Input Validation Vulnerabilities is estimated as high

Credits:
========
Vulnerability Laboratory Researcher   –  Julien Ahrens  (MrTuxracer) [www.inshell.net]

Advertisements

Let's hear what you have to say.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s