35 matches found
EUVD-2008-5964
Malware in sbrugna...
EUVD-2007-0469
Malware in sbrugna...
Check Point Connectra R62 '/Login/Login' Arbitrary Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in th...
Check Point SSL VPN On-Demand应用程序远程代码执行漏洞
Bugtraq ID: 47695 CVE ID:CVE-2011-1827 SNX SecureWorkSpace和Endpoint Security On-Demand可从Connectra或security gateways下载的客户端,可实现按需远程连接。它们可使用Check Point Deployment Agent Java applet或ActiveX控件配置在浏览中。 应用程序SSL网络扩展器SNX, SecureWorkSpace和Endpoint Security On-Demand通过浏览器配置时,容易受到恶意网站的攻击,导致在末端用户机器上执行任意恶意代码。...
Check Point Connectra crossite scripting
/Login/Login crossite scripting...
CheckPoint Connectra /Login/Login任意脚本注入漏洞
BUGTRAQ ID: 36466 CheckPoint Connectra是一个SSL-VPN解决方案,允许用户使用普通的web浏览器访问远程系统。 Connectra的/Login/Login目录下的初始登录脚本没有对用户通过HTTP POST请求所提交的输入数据执行正确的验证,远程攻击者可以通过在请求中包含特制vpidprefix参数导致注入并执行任意脚本。 Check Point Software Connectra R62 厂商补丁: Check Point Software --------------------...
Check Point Connectra R62 - LoginLogin Arbitrary Script Injection
Check Point Connectra R62 - LoginLogin Arbitrary Script Injection source: https://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to...
Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection
source: https://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the context of the webserver...
Check Point Connectra Script Injection
Check Point Connectra R62 Login Script Injection Vulnerability scip AG Vulnerability ID 4020 09/04/2009 http://www.scip.ch/?vuldb.4020 I. INTRODUCTION Check Point Connectra is a so-called SSL-VPN solution, which allows users to access a remote system using a regular web browser. More information ...
Check Point response to Connectra Login XSS (CVE-2008-5994)
...
Security Vulnerabilities not applicable to IPSO OS and to Connectra
...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Check Point Connectra NGX R62 HFA01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-5994
Cross-site scripting XSS vulnerability in index.php in Check Point Connectra NGX R62 HFA01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-5994
Cross-site scripting XSS vulnerability in index.php in Check Point Connectra NGX R62 HFA01 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-5994
CVE-2008-5994 is an XSS vulnerability in Check Point Connectra NGX R62 HFA_01 (index.php) exploitable via the dir parameter. The root cause is inadequate sanitization of dir, allowing remote script/HTML injection. Impact details cited show partial integrity impact with no confidentiality or avail...
Connectra File Share Cross Site Scripting Vulnerability
...
CVE-2007-0471
sre/params.php in the Integrity Clientless Security ICS component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie...
Authentication flaw
sre/params.php in the Integrity Clientless Security ICS component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie...
CVE-2007-0471
sre/params.php in the Integrity Clientless Security ICS component in Check Point Connectra NGX R62 3.x and earlier before Security Hotfix 5, and possibly VPN-1 NGX R62, allows remote attackers to bypass security requirements via a crafted Report parameter, which returns a valid ICSCookie...
CVE-2007-0471
Check Point Connectra NGX R62 3.x and earlier (before Security Hotfix 5) are affected by CVE-2007-0471 due to an issue in sre/params.php of the Integrity Clientless Security (ICS) component that lets an attacker craft a Report parameter to obtain a valid ICSCookie token and bypass security. The a...