F5 FirePass SSL VPN contains a flaw that allows a remote cross site redirection attack. This flaw exists because the application does not validate the 'refreshURL' parameter upon submission to the my.activation.cns.php3 script. This could allow a user to create a specially crafted URL, that if clicked, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing.
Such attacks are useful as the crafted URL initially appear to be a web page of a trusted site. This could be leveraged to direct an unsuspecting user to a web page containing attacks that target client side software such as a web browser or document rendering programs.
Remote / Network Access
Loss of Integrity
OSVDB is not aware of a solution for this vulnerability.