CVE-2009-2631

Name of the Vulnerable Software and Affected Versions Stonesoft StoneGate (affected versions not specified) Cisco ASA (affected versions not specified) SonicWALL E-Class SSL VPN (affected versions not specified) SonicWALL SSL VPN (affected versions not specified) SafeNet SecureWire Access Gateway (affected versions not specified) Juniper Networks Secure Access (affected versions not specified) Nortel CallPilot (affected versions not specified) Citrix Access Gateway (affected versions not specified)

Description The issue allows remote attackers to conduct cross-site scripting attacks, read cookies from other domains, access the Web VPN session to gain internal resources, perform key logging, and conduct other attacks. This is due to the products retrieving content from remote URLs and rewriting them to appear as if they originated from the VPN's domain, violating the same origin policy.

Recommendations For Stonesoft StoneGate, consider restricting access to the same domain as the VPN to minimize the risk of exploitation. For Cisco ASA, restrict access to the same domain as the VPN to prevent cross-site scripting attacks and unauthorized access to internal resources. For SonicWALL E-Class SSL VPN and SonicWALL SSL VPN, limit the ability of the VPN to retrieve and rewrite content from remote URLs to prevent attacks. For SafeNet SecureWire Access Gateway, implement configuration changes to restrict access to the VPN's domain and prevent violation of the same origin policy. For Juniper Networks Secure Access, Nortel CallPilot, and Citrix Access Gateway, apply similar restrictions and configuration changes to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.