67 matches found
Code injection
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack...
CVE-2012-2994
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack...
CVE-2012-2994
The CVE-2012-2994 issue affects CoSoSys Endpoint Protector 4 appliances. The EPProot root account password is generated from the appliance serial number, resulting in a default-like password eroot!00(sum)RO where sum is the sum of the 9 digits of the serial. This creates a predictable, brute-forc...
CoSoSys Endpoint Protector - Predictable Password Generation
CoSoSys Endpoint Protector - Predictable Password Generation source: https://www.securityfocus.com/bid/55570/info CoSoSys Endpoint Protector is prone to an insecure password generation vulnerability. Successfully exploiting this issue may allow an attacker to guess generated passwords and gain...
CoSoSys Endpoint Protector - Predictable Password Generation
source: https://www.securityfocus.com/bid/55570/info CoSoSys Endpoint Protector is prone to an insecure password generation vulnerability. Successfully exploiting this issue may allow an attacker to guess generated passwords and gain access to affected appliances. CoSoSys Endpoint Protector 4 is...
CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent account vulnerability
Overview CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent accounts. Description According to the CoSoSys's website the Endpoint Protector 4 appliance is a DLP product used to prevent users from taking unauthorized data outside the company or bringing...
Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities
Exploit for multiple platform in category web applications Details: ======== Multiple persistent input validation vulnerabilities are detected in Endpoint Protector v4.0.4.0 Appliance Application. The bugs allow remote attackers to implement/inject malicious script code on the application side...