Multiple Websense Products 'favorites.exe' Authentication Bypass Vulnerability

Bugtraq ID:	51087
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Dec 15 2011 12:00AM
Updated:	May 02 2012 07:31AM
Credit:	Ben Williams of NGS Secure
Vulnerable:	Websense Web Security Gateway Anywhere 7.6 Websense Web Security Gateway 7.6 Websense Web Security 7.6
Not Vulnerable:

Multiple Websense Products 'favorites.exe' Authentication Bypass Vulnerability

Multiple Websense products are prone to an authentication-bypass vulnerability.

Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access.

The following Websense products are affected:

Websense Web Security Gateway Anywhere 7.6
Websense Web Security Gateway 7.6
Websense Web Security 7.6
Websense Web Filter 7.6

Multiple Websense Products 'favorites.exe' Authentication Bypass Vulnerability

The following example URI is available:

https://www.example.com/explorer_wse/favorites.exe?startDate=2011-10-22&endDate=2011-10-23&action=def

Multiple Websense Products 'favorites.exe' Authentication Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.

Multiple Websense Products 'favorites.exe' Authentication Bypass Vulnerability

References:

• Websense Homepage (Websense)
  
• websense Hotfix (websense)
  
• NGS00138 Patch Notification: Websense Triton 7.6 - Authentication ("Research@NGSSecure")