-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2017.0083
         Sophos Cyberoam Cross-site scripting (XSS) vulnerability
                                8 June 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Sophos Cyberoam
Operating System:     Network Appliance
Impact/Access:        Cross-site Scripting -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2016-9834  
Member content until: Saturday, July  8 2017

OVERVIEW

        An XSS vulnerability has been found in Sophos Cyberoam versions prior 
        to 10.6.4. [1]


IMPACT

        The researcher has published the following information about the 
        vulnerability:
        
        "
        
        Severity Rating (CVSS):
        =======================
        
        6.9 (Medium) (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N)
        
        Cross-site scripting (XSS) vulnerability in Sophos Cyberoam 
        firewall enables attackers to execute scripts in a victim's 
        browser to hijack user sessions, deface web sites, insert hostile 
        content, redirect users, hijack the user's browser using malware, 
        etc."
        
        "This vulnerability allows remote attackers to execute arbitrary 
        client-side script in the active user's browser session, when
        logged into the Cyberoam firewall. User interaction is required to 
        exploit this vulnerability in that the target must visit a malicious
        page or open a malicious file." [1]


MITIGATION

        The vendor has advised the following:
        
        "Sophos is committed to working with the security community in 
        identifying, remediating and communicating security issues in our 
        products. Customers are advised to upgrade their Cyberoam OS to 
        v.10.6.5, which addresses this issue."


REFERENCES

        [1] Sophos Cyberoam Cross-site scripting (XSS) vulnerability
            http://seclists.org/bugtraq/2017/Jun/4

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
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=Z8x7
-----END PGP SIGNATURE-----