15 matches found
EUVD-2012-2590
Malware in sbrugna...
EUVD-2012-2592
Malware in sbrugna...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
CVE-2012-2604
Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2012-2604
Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...
CVE-2012-2606
Bradford Network Sentry before 5.3.3 contains an authentication flaw in the agent listening on UDP port 4567. The lack of authentication allows a remote attacker to trigger the display of arbitrary text on a workstation via a crafted UDP packet, demonstrated by a replay attack. Affected product i...
CVE-2012-2605
Bradford Network Sentry
CVE-2012-2604
CVE-2012-2604 corresponds to multiple XSS vulnerabilities in Bradford Network Sentry’s Administrative GuestAccess.jsp (Guest/Contractor access). The affected component is Bradford Network Sentry before version 5.3.3, where remote authenticated users can inject arbitrary web script or HTML via uns...
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities
Overview Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities:CWE-79: Improper...