Security Alerts




WatchGuard’s XTM 11.8 Software Fixes Buffer Overflow & XSS Vulnerabilities

Overall Severity: High

Summary:

These vulnerabilities affect: WatchGuard WSM and Fireware XTM 11.7.4 and earlier

How an attacker exploits them: Either by enticing an XTM administrator into clicking a specially crafted link or by visiting the appliance’s web management UI with a malicious cookie

Impact: In the worst case, an attacker can execute code on the XTM appliance (see mitigating factors below)

What to do: Install WSM and Fireware XTM 11.8 (and limit access to the XTM web management interface)

Exposure:

Last week, we released WSM and Fireware XTM 11.8, which delivers a number of powerful new features to XTM administrators. However, it also fixes two externally reported security vulnerabilities. Though both vulnerabilities have mitigating factors that somewhat limit their severity, you should still patch them quickly.

October 17, 2013 — Category: Security Alerts