CVE-2009-5120

Name of the Vulnerable Software and Affected Versions Websense Web Security versions 7.0 Websense Web Filter versions 7.0

Description The default configuration of Apache Tomcat in Websense Manager allows connections to TCP port 1812 from arbitrary source IP addresses. This makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 text to the 404 error page of a Project Woodstock service on this port.

Recommendations For Websense Web Security version 7.0, restrict access to TCP port 1812 to prevent connections from arbitrary source IP addresses. For Websense Web Filter version 7.0, restrict access to TCP port 1812 to prevent connections from arbitrary source IP addresses.