Dell SonicWall Secure Remote Access Server Command Injection Vulnerability (CNVD-2017-02472)

Dell SonicWall Secure Remote Access is a SonicWALL Secure Remote Access Series appliance within the Dell SonicWall Secure Mobile Access solution. An input validation vulnerability in the extensionsettings CGI /cgi-bin/extensionsettings component of the Dell SonicWall Secure Remote Access's web...

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

Dell SonicWall Secure Remote Access Multiple Command Injection Vulnerabilities

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

Dell SonicWall Secure Remote Access Multiple Command Injection Vulnerabilities

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI /cgi-bin/extensionsettings component responsible for handling some of the server's...

Dell SonicWall Secure Remote Access Multiple Command Injection Vulnerabilities

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI /cgi-bin/viewcert component responsible for processing SSL certificate information. The CGI...

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

CVE-2016-9682

The provided connected sources confirm CVE-2016-9682 affects SonicWall Secure Remote Access (SRA) 8.1.0.2-14sv. The vulnerabilities are remote command injections in the diagnostics CGI (/cgi-bin/diagnostics) used for emailing system state. Root cause: the application fails to properly escape data...

CVE-2016-9683

The CVE-2016-9683 issue affects Dell SonicWall Secure Remote Access Server (SRA) version 8.1.0.2-14sv, specifically the extensionsettings CGI (/cgi-bin/extensionsettings). The vulnerability stems from unsanitized handling of the scriptname parameter in a multi-part form, which is read before a ca...

CVE-2016-9684

Dell SonicWALL Secure Remote Access (SRA) server, version 8.1.0.2-14sv, is vulnerable to a remote command injection in the web admin CGI at /cgi-bin/viewcert. The CGI does not properly escape the CERT input before a system() call, enabling an attacker to execute arbitrary shell commands and gain ...

EMC Secure Remote Services Detection

This script performs SSH based detection of EMC Secure Remote Services SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

EMC Secure Remote Services Webinterface Detection

This script performs HTTP based detection of EMC Secure Remote Services Webinterface SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

SonicWall / Dell SonicWALL SMA / SRA Detection (SNMP)

SNMP based detection of SonicWall / Dell SonicWALL Secure Mobile Access SMA and Secure Remote Access SRA devices. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

[SECURITY] Fedora 24 Update: obs-signd-2.2.1-8.fc24

The OpenSUSE Build Service sign client and daemon. This daemon can be used to sign anything via gpg by communicating with a remote server to avoid the need to host the private key on the same server...

[SECURITY] Fedora 23 Update: libssh-0.7.3-1.fc23

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, tra nsfer files, use a secure and transparent tunnel for your remote...

CVE-2015-6852

Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter...

Directory traversal

Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter...

CVE-2015-6852

CVE-2015-6852 affects EMC Secure Remote Services Virtual Edition 3.x prior to 3.10. The API is vulnerable to a directory traversal issue that allows remote authenticated users to read log files via a crafted parameter. The vulnerability is described in multiple sources (NVD/CNVD) with a CVSS v3 b...

EMC Secure Remote Services Virtual Edition Directory Traversal Vulnerability

EMC Secure Remote Services Virtual Edition ESRS VE is a suite of remote services virtual edition software from EMC Corporation. The software is used to provide a remote connection between EMC customer service and the user's EMC products and solutions. A directory traversal vulnerability exists in...

Insufficient certificate validation in EMC Secure Remote Services Virtual Edition

------------------------------------------------------------------------ Insufficient certificate validation in EMC Secure Remote Services Virtual Edition ------------------------------------------------------------------------ Han Sahin, November 2014...

Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal

------------------------------------------------------------------------ Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal ------------------------------------------------------------------------ Han Sahin, November 2014...