99 matches found
Secomea GateManager Cross-Site Request Forgery Vulnerability
GateManager is a VPN server from Secomea. A cross-site request forgery vulnerability exists in the web GUI of Secomea GateManager versions prior to 9.4. An attacker can exploit this vulnerability to execute malicious code...
Secomea GateManager Cross-Site Scripting Vulnerability (CNVD-2021-15490)
GateManager is a VPN server from Secomea. A cross-site scripting vulnerability exists in the web GUI of Secomea GateManager versions prior to 9.4. An attacker can exploit this vulnerability to inject arbitrary javascript code...
How a VPN can protect your online privacy
Have you ever experienced the feeling of relief that comes when you do something silly, but youre glad you did it where people dont know you? Or maybe you wished you were somewhere like that, but alas… That is what a Virtual Private Network VPN can do for you: it can put you in a place where you...
Secomea GateManager
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Secomea Equipment: GateManager Vulnerabilities: Improper Neutralization of Null Byte or NUL Character, Off-by-one Error, Use of Hard-coded Credentials, Use of Password Hash with Insufficient...
CVE-2019-11868
CVE-2019-11868 affects SoftEther VPN Server with See.sys up to v4.25 (v4.29 or older). The issue allows a user to call an IOCTL that can specify any kernel address, enabling arbitrary bytes to be written to that address. This is described in multiple sources (NVD/Red Hat) as a local ability to wr...
CVE-2018-10646
CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method...
Pulse Secure Linux client GUI fails to validate SSL certificates
Overview The Pulse Secure Linux client GUI fails to validate SSL certificates, which can allow an attacker to modify connection settings. Description Pulse Secure is an SSL VPN solution. The Linux Pulse Secure client GUI is implemented using WebKit, and the actions taken using the GUI are...
CVE-2017-15882
The London Trust Media Private Internet Access PIA application before 1.3.3.1 for Android allows remote attackers to cause a denial of service application crash via a large VPN server-list file...
Design/Logic Flaw
The London Trust Media Private Internet Access PIA application before 1.3.3.1 for Android allows remote attackers to cause a denial of service application crash via a large VPN server-list file...
VPN Server Detection via PPTP/L2TP
Binary data 7264.pasl...
Simple OpenVPN Raspberry Pi Installer: piVPN
Simple OpenVPN Raspberry Pi Installer This is a set of shell scripts that serve to easily turn your Raspberry Pi TM into a VPN server using the free, open-source OpenVPN software. The master branch of this script installs and configures OpenVPN on Raspbian Jessie and has been tested on Ubuntu 14....
Shopify: Authentication Bypass on monitoring server
Hello, This issue has the same impact as this one: 143482. But the fix is not complete, there is a shopify subdomain VPN server where you still can connect your google account. This should be hide and protected. So you guys need to change this so that only shopify.com Google accounts are accepted...
Usable Privacy Box: UpriBox
The upribox software is used to create Raspberry Pi images to turn your Raspberry Pi into a privacy-enhancing Wireless router. See the official Raspberry Pi documentation for pointers on how to install the upribox image on the SD card. Upon the first boot the SSH/VPN keys are automatically...
[SECURITY] Fedora 24 Update: NetworkManager-vpnc-1.2.0-1.fc24
This package contains software for integrating VPN capabilities with the vpnc server with NetworkManager...
Protecting Personal Information: Freedom Box
FreedomBox is a personal server that protects your privacy. It hosts on demand applications such as file sharing, shared calendaring, instant messaging, secure voice conference calling, blog and wiki. FreedomBox is a free software stack, a subset of the Debian universal operating system, that can...
Windows Manage Remote Point-to-Point Tunneling Protocol
This module initiates a PPTP connection to a remote machine VPN server. Once the tunnel is created we can use it to force the victim traffic to go through the server getting a man in the middle attack. Be sure to allow forwarding and masquerading on the VPN server mitm. This module requires...
IPSEC Internet Key Exchange (IKE) Version 2 Detection
The remote host seems to be enabled to do Internet Key Exchange IKE. This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources. Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy. Note that...
CVE-2009-5008
Cisco Secure Desktop CSD, when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file...
Cisco WRV210 null pointer dereference
Exploit for windows platform in category dos / poc ===================================== Cisco WRV210 null pointer dereference ===================================== / 2010-09-24 by Paolo j5r9pn3lka yahoo dot com Product: Cisco WRV210 Wireless-G VPN Router - RangeBooster Type: denial of service...
CISCO ASA SSL VPN Detection
The remote host is a Cisco Adaptive Security Appliance ASA running an SSL VPN server. C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid42796; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2020/09/22"; scriptxrefname:"IAVT",...