-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2008.0511 -- [Cisco]
       Cisco Building Broadband Service Manager (BBSM) - cross-site
                      scripting (XSS) vulnerability.
                                19 May 2008

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Building Broadband Service Manager (BBSM) 
Publisher:            Cisco Systems
Operating System:     Cisco
Impact:               Cross-site Scripting
Access:               Remote/Unauthenticated
CVE Names:            CVE-2008-2165

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

This is the Cisco PSIRT response to an issue that was discovered
and reported to Cisco by Brad Antoniewicz from Mcafee/Foundstone
Professional Services regarding a cross-site scripting (XSS)
vulnerability in Cisco's Building Broadband Service Manager (BBSM).

This vulnerability is documented in Cisco bug ID CSCso62583. The Release
Note for said bug reads as follows:

+---- BEGIN RELEASE NOTE TEXT ----

Symptom:

Some web pages belonging to the Cisco Building Broadband Service Manager
(BBSM) web-based interface are affected by a reflected cross-site
scripting (XSS) vulnerability.

The vulnerability may allow an attacker to run arbitrary web browser
scripting code on the machine the user is using to access the BBSM web
interface, under the same privileges as the logged-in user.

Conditions:

The attack requires a small amount of social engineering in order
to fool a user into following a specially crafted link that contains
the malicious code and purports to belong to the BBSM web interface.

Workaround:

None.

Further problem description:

Customers are recommended to install BBSM patch 5332, which is available
for download on www.cisco.com.

Additional information on cross-site scripting attacks is available on
the document entitled "Cisco Applied Mitigation Bulletin: Understanding
Cross-Site Scripting (XSS) Threat Vectors", which is available at
http://www.cisco.com/warp/public/707/cisco-amb-20060922-understanding-xss.shtml

+---- END RELEASE NOTE TEXT ----

This issue has been fixed on BBSM v5.3 patch 5332. Customers with valid
service contracts can download patch 5332 from the following URL:

http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=5.3&mdfid=278455427&sftType=Building%20Broadband%20Service%20Manager%20(BBSM)%20Updates&optPlat=&nodecount=2&edesignator=null&modelName=Cisco%20Building%20Broadband%20Service%20Manager%205.3&treeMdfId=281527126&treeName=Network%20Monitoring%20and%20Management

Cisco PSIRT would like to thank Brad Antoniewicz and Mcafee/Foundstone
Professional Services for bringing this issue to our attention and for
working with PSIRT toward coordinated disclosure of the issue. Cisco
PSIRT greatly appreciates the opportunity to work with researchers on
security vulnerabilities and welcomes the opportunity to review and
assist in product reports.

Thanks,

Eloy Paris.-
Cisco PSIRT
http://www.cisco.com/go/psirt/
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIKxl/agjTfAtNY9gRAqliAJ91B8NgOkTxHBImgtKQY3LiJkk/SACdEHjt
i+B1WG8fJ7G9P5DYZgkyPIY=
=9w4S
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
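The release note above describes the class of bug (reflected XSS via a
crafted link) without naming the affected page or parameter, and this bulletin
does not add that detail. The following is an added illustration of the
pattern, written for this redistribution; it is not Cisco's or BBSM's code.
The page path, the "user" query parameter, the welcome markup and the host
name are all hypothetical, and the probe string is constructed for the demo.
It shows the unencoded reflection that makes the crafted link work, the
contextual output encoding that closes it, and the check a tester runs
against a response to decide whether a reflection point is still unencoded.

```python
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed stand-in for a web page that echoes a query parameter back into
# its HTML. Parameter name, path and markup are hypothetical (not BBSM code).


def _user_param(url: str) -> str:
    """Pull the hypothetical 'user' query parameter out of a full URL."""
    qs = parse_qs(urlsplit(url).query)
    return qs.get("user", [""])[0]


def render_vulnerable(url: str) -> str:
    """Reflected XSS: untrusted input is concatenated straight into the HTML."""
    user = _user_param(url)
    return f"<html><body><p>Welcome, {user}</p></body></html>"


def render_fixed(url: str) -> str:
    """Same page with contextual output encoding for an HTML text node.
    quote=True also encodes ' and ", so the helper stays safe if the value is
    later placed inside a quoted attribute."""
    user = _user_param(url)
    return f"<html><body><p>Welcome, {html.escape(user, quote=True)}</p></body></html>"


# Constructed probe containing the HTML metacharacters " > < / that an
# encoding fix must neutralise. It is only a marker string in this demo.
PROBE = '"><svg/onload=alert(1)>'


def crafted_link(base: str) -> str:
    """What the social-engineered link looks like: the probe is URL-encoded
    into the query string, so the server decodes it back to raw markup."""
    return f"{base}?user={quote(PROBE, safe='')}"


def reflects_unencoded(page_html: str, probe: str) -> bool:
    """True if the probe appears verbatim in the response body, i.e. at least
    one reflection point did not encode HTML metacharacters."""
    return probe in page_html


def demo() -> dict:
    link = crafted_link("http://bbsm.example.invalid/welcome")  # hypothetical host
    vuln = render_vulnerable(link)
    fixed = render_fixed(link)
    return {
        "crafted_link": link,
        "vulnerable_reflects": reflects_unencoded(vuln, PROBE),
        "fixed_reflects": reflects_unencoded(fixed, PROBE),
        "fixed_markup": fixed,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The vulnerable renderer returns the probe unchanged inside the page, which is
exactly the condition the release note describes: the script runs in the
victim's browser with that user's session, and only because the user followed
the link. The fixed renderer emits `&quot;&gt;&lt;svg/onload=alert(1)&gt;`, so
`reflects_unencoded` returns False. Against a real BBSM host the actual fix is
patch 5332; the check function is only useful once the reflecting page and
parameter are known, which this bulletin does not list.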

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBSDDZjih9+71yA2DNAQJe6gP+P7lOOdMpUzU/qjyehL00K8zEP4qOubci
ROhAO+1x21Ri9eNdyWeUidApoFVzNxvOm6A1z8/OfFKzm+xBY7GVSZrWJu5Q1Iyp
hFH6tFaLCPk96rdmFzvcClnv0OPwMnqIcozBdLMANVxSmcUJBpD7Ce8btBYw/kCw
qPnQFaJSFKA=
=ECA4
-----END PGP SIGNATURE-----