13 matches found
EUVD-2007-3787
Malware in sbrugna...
EUVD-2007-3788
Malware in sbrugna...
EUVD-2007-3789
Malware in sbrugna...
Code injection
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service gateway stop via certain certificates...
Authentication flaw
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...
CVE-2007-3805
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service gateway stop via certain certificates...
CVE-2007-3804
The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files...
CVE-2007-3803
The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists...
Authentication flaw
The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files...
CVE-2007-3804
The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files...
CVE-2007-3805
CVE-2007-3805 affects Clavister CorePlus prior to 8.80.03 and 8.80.00, where the IKE certificate validation during negotiation is faulty, enabling remote denial-of-service (gateway stop). The connected docs indicate fixes in CorePlus release notes (8.80.04 and 8.81.01). No exploit details are pro...
CVE-2007-3803
CVE-2007-3803 affects Clavister CorePlus SMTP ALG, where improper SMTP command parsing in certain circumstances allows remote attackers to bypass address blacklists. Affected versions are CorePlus before 8.80.04 and 8.81.00. The root cause is parsing issues within the SMTP ALG that can be exploit...
CVE-2007-3804
The CVE-2007-3804 vulnerability affects Clavister CorePlus before versions 8.81.00 and 8.80.03, where the HTTP-ALG Antivirus engine may bypass scanning for small files. This remote issue (attack vector: network; no authentication required) can impact data integrity with a partial impact, accordin...