2 matches found
CVE-2006-0522
CVE-2006-0522 describes a SQL injection in Symantec’s Sygate Management Server (SMS) Authentication Servlet. The vulnerability affects SMS version 4.1, build 1417 and earlier, and could let a remote attacker inject SQL via a URL to bypass authentication and potentially overwrite the password for ...
Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection
SUMMARY A SQL injection vulnerability in Symantec's Sygate Management Server SMS version 4.1, build 1417 and earlier could potentially allow a remote or local attacker to gain administrative privileges to the SMS server. Risk Impact High Remote Access | Yes ---|--- Local Access | Yes Authenticati...