Lucene search
K

419 matches found

Debian CVE
Debian CVE
added 2008/09/18 5:47 p.m.61 views

CVE-2008-4100

GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the...

6.4CVSS6.5AI score0.01492EPSS
Exploits0
Prion
Prion
added 2008/04/30 4:17 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS6AI score0.01452EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/04/30 4:17 p.m.16 views

CVE-2008-2030

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

4.3CVSS5.6AI score0.01452EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/04/30 3:0 p.m.21 views

CVE-2008-2030

Cross-site scripting XSS vulnerability in installControl.php3 in F5 FirePass 4100 SSL VPN 5.4.2-5.5.2 and 6.0-6.2 allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

5.6AI score0.01452EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/04/30 12:0 a.m.17 views

F5 FirePass 4100 SSL VPN设备installControl.php3跨站脚本漏洞

BUGTRAQ ID: 28902 F5 FirePass SSL VPN设备允许用户安全的连接到关键业务应用设备上。 FirePass没有正确地过滤对installControl.php3脚本所传送的URL便返回给了用户,这允许攻击者通过跨站脚本攻击导致在用户浏览器会话中执行任意HTML和脚本代码。 F5 FirePass 4100 F5 -- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.f5.com/...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2008/04/23 12:0 a.m.26 views

F5 Networks FirePass 4100 SSL VPN - installControl.php3 Cross-Site Scripting

F5 Networks FirePass 4100 SSL VPN - installControl.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/28902/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/04/23 12:0 a.m.36 views

F5 Networks FirePass 4100 SSL VPN - 'installControl.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28902/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
Prion
Prion
added 2008/03/05 11:44 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...

2.6CVSS6.1AI score0.05923EPSS
Exploits1References15Affected Software1
CVE
CVE
added 2008/03/05 11:0 p.m.67 views

CVE-2007-6704

CVE-2007-6704 is a cross-site scripting vulnerability affecting F5 FirePass SSL VPN 4100/5.x and 6.0.x when pre-logon sequences are enabled. The issue allows remote attackers to inject script via the query string to my.activation.php3 or my.logon.php3. FirePass 6.0.2 fixes the issue; hotfixes HF-...

2.6CVSS5.8AI score0.05923EPSS
Exploits1References15Affected Software1
Cvelist
Cvelist
added 2008/03/05 11:0 p.m.22 views

CVE-2007-6704

Multiple cross-site scripting XSS vulnerabilities in F5 FirePass 4100 SSL VPN 5.4.1 through 5.5.2 and 6.0 through 6.0.1, when pre-logon sequences are enabled, allow remote attackers to inject arbitrary web script or HTML via the query string to 1 my.activation.php3 and 2 my.logon.php3...

5.8AI score0.05923EPSS
Exploits1References15
seebug.org
seebug.org
added 2007/12/04 12:0 a.m.34 views

F5 Networks FirePass 4100 SSL VPN My.Logon.PHP3跨站脚本漏洞

F5 Networks FirePass 4100 SSL VPN是一款功能强大的SSL VPN解决方案。 SSL VPN解决方案不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 问题是"my.logon.php3"脚本对用户提交的WEB参数缺少过滤,提交恶意脚本代码作为参数数据,并诱使用户访问,可导致恶意脚本在目标域上下文执行。可导致敏感信息重定向到第三方。 F5 FirePass 4100 5.4.2 F5 FirePass 4100 0 F5 FirePass 6.0.1 F5 FirePass 5.5.2 F5 FirePass 5.4.1 F5...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/02 12:0 a.m.29 views

ProCheckUp Security Advisory 2007.15

PR07-15: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass versions 6...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/02 12:0 a.m.24 views

ProCheckUp Security Advisory 2007.14

PR07-14: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/11/30 12:0 a.m.55 views

PR07-14: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script

PR07-14: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass...

6.3AI score
Exploits0
securityvulns
securityvulns
added 2007/11/30 12:0 a.m.38 views

PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script

PR07-15: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass versions 6...

6.2AI score
Exploits0
exploitpack
exploitpack
added 2007/11/30 12:0 a.m.17 views

F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting

F5 Networks FirePass 4100 SSL VPN - My.Logon.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/26659/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/12 12:0 a.m.44 views

F5 FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26412/info F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspectin...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/11/12 12:0 a.m.19 views

F5 FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting

F5 FirePass 4100 SSL VPN - DownloadPlugin.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/26412/info F5 FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this iss...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2007/11/10 12:0 a.m.17 views

F5 Networks FirePass 4100 SSL VPN - Download_Plugin.php3 Cross-Site Scripting

F5 Networks FirePass 4100 SSL VPN - DownloadPlugin.php3 Cross-Site Scripting source: https://www.securityfocus.com/bid/26661/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/10 12:0 a.m.44 views

F5 Networks FirePass 4100 SSL VPN - 'Download_Plugin.php3' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26661/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
Rows per page
Query Builder