|
Brought to you by:
Suppliers of:
|
|
|
| |
| eSafe Gateway is an Internet Content Security product. You can configure eSafe Gateway to remove scripts (VBScripts, JavaScripts) and other executable tags from incoming HTML documents. Alternatively, the administrator can ban certain scripting commands from appearing inside scripts. The banned commands will be removed, while the rest of the HTML page is left intact. eSafe does not recognize scripting tags constructed using extended characters notation. This allows an attacker to bypass eSafe script filtering mechanism and introduce malicious code into an organization. |
| |
Credit:
The information has been provided by eDvice Security Services.
|
| |
Vulnerable systems:
eSafe Gateway version 3.0
eSafe gateway analyzes the incoming HTML file and searches for the keyword "<SCRIPT" From the moment the keyword was found, eSafe looks for a following "</SCRIPT>" keyword and then replaces the entire content between these keywords with spaces.
However, browsers such as Internet Explorer accept extended character representation (such as %32 which translates to '2') within an HTML file. If the string "<SCRIPT" is replaced with some extended character representation, eSafe will fail to filter out the tag and the browser will run the script.
Solution:
Do not rely on eSafe Gateway version 3.0 for HTML filtering. Aladdin will publish a workaround to avoid this vulnerability and will address this issue in the next release of eSafe Gateway.
|
|
|
|
|
