Blog: WiFi Experts

New Dynamic Threat Update Available for Aruba Cross-site Scripting Vulnerability
Author/Blog Contributor - Jesse Frankel, Product Manager, Fluke Networks
Date: August 01, 2011

Aruba Networks recently issued an advisory on a cross-site scripting (XSS) vulnerability in its ArubaOS and AirWave web management interfaces. A malicious user could plant a physical or soft AP anywhere near the WLAN and broadcast a specific SSID that contains cross-site scripting content. Once the Aruba system has recorded that malicious SSID, an unsuspecting admin who runs a report and clicks the link containing the SSID can trigger a cross-site scripting condition. A cross-site scripting condition is one in which a user injects a client-side script into the browser. In the Aruba case, it is the access point that injects the client-side script. The script could potentially execute commands on the systems with admin credentials.

Cross-site scripting attacks typically target web applications by injecting a client-side script into a web page. What type of web applications? Any web site that contains forms for data input. In Aruba's case, the system has already written the malicious access point's information into the database, so any time a user clicks a link that contains the cross-site scripted name, the client-side script is executed.

What makes this particular attack interesting is that the malicious SSID is broadcast by a wireless access point or device. This makes it extremely easy to target WLAN networks. The system monitoring the WLAN needs to see the malicious SSID only once for it to be recorded in the database. The next time the WLAN admin opens any web page that is susceptible to cross-site scripting, they will inadvertently execute the client-side script that was injected into the page and potentially compromise the system.
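
The root cause described above is a recorded SSID reaching a report page without output encoding. The following is an added example, not Aruba's or AirMagnet's code, that renders the same constructed SSIDs with and without per-context encoding; the `/report?ssid=` path and all function names are hypothetical.

```python
import html
from urllib.parse import quote

# Constructed sample: SSIDs as a monitoring system might have recorded them.
# An SSID is up to 32 arbitrary bytes chosen by whoever runs the AP.
RECORDED_SSIDS = [
    b"CorpWLAN",
    b"<script>alert(1)</script>",   # markup in element content
    b'" onmouseover="x',            # attribute breakout attempt
    b"\xff\xfeopaque",              # not valid UTF-8
]

def decode_ssid(raw: bytes) -> str:
    """SSIDs are bytes, not text: decode leniently so bad UTF-8 cannot raise."""
    return raw[:32].decode("utf-8", errors="replace")

def render_row_unsafe(raw: bytes) -> str:
    """The 'before': the stored SSID is concatenated straight into markup."""
    ssid = decode_ssid(raw)
    return f'<tr><td><a href="/report?ssid={ssid}">{ssid}</a></td></tr>'

def render_row_safe(raw: bytes) -> str:
    """The 'after': encode separately for the URL and the HTML contexts."""
    # URL context: percent-encode the raw bytes so nothing leaves the parameter.
    href = "/report?ssid=" + quote(raw[:32], safe="")
    # HTML context: escape <, >, & and both quote characters.
    text = html.escape(decode_ssid(raw), quote=True)
    return f'<tr><td><a href="{html.escape(href, quote=True)}">{text}</a></td></tr>'

def render_report(ssids, row=render_row_safe) -> str:
    """Build the report table with the chosen row renderer (hypothetical page)."""
    return "<table>\n" + "\n".join(row(s) for s in ssids) + "\n</table>"

if __name__ == "__main__":
    print(render_report(RECORDED_SSIDS, render_row_unsafe))
    print(render_report(RECORDED_SSIDS))
```

The encoding happens at render time, so SSIDs already stored in the database before the fix are rendered safely as well.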

To address this vulnerability, the AirMagnet team at Fluke Networks has quickly released a new signature to alert when these types of devices are broadcasting malicious SSIDs. Through the new Dynamic Threat Update technology available in AirMagnet Enterprise 9.0, users are instantly protected with no need to manually download and upgrade their network.
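
As an added illustration of what an alert on such SSIDs can look like (this is an assumed heuristic written for this page, not the AirMagnet signature, whose logic is not published here), the sketch below classifies observed SSIDs and alerts the first time each one is seen. The BSSIDs, SSIDs and function names are constructed for the example.

```python
import re

# Assumed heuristics: byte patterns that matter to an HTML renderer.
MARKUP = re.compile(rb"[<>]|&#|javascript:", re.IGNORECASE)
# A quote followed later by '=' looks like an attribute breakout;
# a lone apostrophe ("Bob's WiFi") does not match.
ATTR = re.compile(rb"[\"'`][^\"'`]*=")
CONTROL = re.compile(rb"[\x00-\x1f\x7f]")

def classify_ssid(raw):
    """Return the list of reasons an SSID looks unsafe to render (empty if none)."""
    reasons = []
    if MARKUP.search(raw):
        reasons.append("markup")
    if ATTR.search(raw):
        reasons.append("attribute-breakout")
    if CONTROL.search(raw):
        reasons.append("control-chars")
    return reasons

def scan(observations):
    """One alert per (bssid, ssid) pair, raised on first sighting, because a
    single recorded sighting is enough to poison the management database."""
    seen, alerts = set(), []
    for bssid, raw in observations:
        if (bssid, raw) in seen:
            continue
        seen.add((bssid, raw))
        reasons = classify_ssid(raw)
        if reasons:
            # backslashreplace keeps the log line printable for any byte string
            ssid = raw.decode("utf-8", errors="backslashreplace")
            alerts.append({"bssid": bssid, "ssid": ssid, "reasons": reasons})
    return alerts

# Constructed beacon observations (locally administered BSSIDs).
OBSERVATIONS = [
    ("02:00:00:00:00:01", b"CorpWLAN"),
    ("02:00:00:00:00:02", b"<script>alert(1)</script>"),
    ("02:00:00:00:00:02", b"<script>alert(1)</script>"),  # repeated beacon
    ("02:00:00:00:00:03", b"Bob's WiFi"),
    ("02:00:00:00:00:04", b'" onmouseover="x'),
    ("02:00:00:00:00:05", b"guest\x00net"),
]

if __name__ == "__main__":
    for alert in scan(OBSERVATIONS):
        print(alert)
```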

 
Blog Contributor

Jesse Frankel has extensive experience in delivering critical wireless security solutions for enterprise, clinical and government networks. During his 6+ years at AirMagnet he served as Director, System Engineering and as a member of AirMagnet's Wireless Intrusion Research Team.

© 2006-2012 Fluke Corporation. All rights reserved.