Lucene search
K

20 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Symantec Web Gateway 5.0.2.8 Command Execution Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2012/07/16 12:0 a.m.19 views

Symantec Web Gateway Management Console Remote Shell Command Execution (CVE-2012-0297)

A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation by the web server. A remote attacker can exploit this issue by sending a specially crafted HTTP request to the affected server. Successful exploitation could...

10CVSS6.6AI score0.72596EPSS
Exploits22
0day.today
0day.today
added 2012/06/27 12:0 a.m.75 views

Symantec Web Gateway 5.0.2.8 Multiple Vulnerabilities

Exploit for linux platform in category web applications Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include:...

7.1AI score0.72596EPSS
Exploits22
Packet Storm
Packet Storm
added 2012/06/27 12:0 a.m.59 views

Symantec Web Gateway 5.0.28 LFI / Code Execution

Software: Symantec Web Gateway Current Software Version: 5.0.2.8 Product homepage: www.symantec.com Author: S2 Crew Hungary CVE: CVE-2012-0297, CVE-2012-0298, ??? File include: https://192.168.82.207/spywall/previewProxyError.php?err=../../../../../../../../etc/passwd File include and OS command...

10CVSS6.4AI score0.72596EPSS
Exploits22
securityvulns
securityvulns
added 2012/06/13 12:0 a.m.100 views

ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-090 June 8, 2012 - -- CVE ID: CVE-2012-0297 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...

10CVSS0.72596EPSS
Exploits22
Exploit DB
Exploit DB
added 2012/06/12 12:0 a.m.24 views

Symantec Web Gateway 5.0.2.8 - 'ipchange.php' Command Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

10CVSS6.6AI score0.72596EPSS
Exploits22
Saint
Saint
added 2012/06/11 12:0 a.m.39 views

Symantec Web Gateway access_log PHP Injection

Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...

10CVSS7.1AI score0.72596EPSS
Exploits22
Saint
Saint
added 2012/06/11 12:0 a.m.38 views

Symantec Web Gateway access_log PHP Injection

Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...

10CVSS7.1AI score0.72596EPSS
Exploits22
Packet Storm
Packet Storm
added 2012/06/11 12:0 a.m.44 views

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

10CVSS0.3AI score0.72596EPSS
Exploits22
Saint
Saint
added 2012/06/11 12:0 a.m.32 views

Symantec Web Gateway access_log PHP Injection

Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...

10CVSS7.1AI score0.72596EPSS
Exploits22
Saint
Saint
added 2012/06/11 12:0 a.m.32 views

Symantec Web Gateway access_log PHP Injection

Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...

10CVSS7.1AI score0.72596EPSS
Exploits22
Metasploit
Metasploit
added 2012/06/10 8:38 p.m.27 views

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. This module requires Metasploit:...

10CVSS0.8AI score0.72596EPSS
Exploits22
seebug.org
seebug.org
added 2012/05/29 12:0 a.m.24 views

Symantec Web Gateway 5.0.2.8 Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score0.72596EPSS
Exploits22
Metasploit
Metasploit
added 2012/05/28 3:47 a.m.24 views

Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability

This module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minut...

10CVSS7.3AI score0.72596EPSS
Exploits22
Packet Storm
Packet Storm
added 2012/05/28 12:0 a.m.41 views

Symantec Web Gateway 5.0.2.8 Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

10CVSS0.1AI score0.72596EPSS
Exploits22
0day.today
0day.today
added 2012/05/28 12:0 a.m.69 views

Symantec Web Gateway 5.0.2.8 Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1AI score0.72596EPSS
Exploits22
Circl
Circl
added 2012/05/26 12:0 a.m.31 views

CVE-2012-0297

creationtimestamp| type| source ---|---|--- 2012-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18932 2012-05-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18942 2012-06-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19065 2012-06-27...

10CVSS5.8AI score0.72596EPSS
Exploits22References8
d2
d2
added 2012/05/21 8:55 p.m.550 views

DSquare Exploit Pack: D2SEC_SYMWEBGW

Name| d2secsymwebgw ---|--- CVE| CVE-2012-0297 Exploit Pack| D2ExploitPack Description| Symantec Web Gateway 5.0.2 Local File Include Vulnerability Notes|...

10CVSS2.5AI score0.72596EPSS
Exploits22
Cvelist
Cvelist
added 2012/05/21 8:0 p.m.41 views

CVE-2012-0297

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by 1 injecting crafted data or 2 including crafted data...

7.4AI score0.72596EPSS
Exploits22References3
CVE
CVE
added 2012/05/21 8:0 p.m.138 views

CVE-2012-0297

Symantec Web Gateway 5.0.x (pre-5.0.3) exposes a remote command injection/remote code execution vulnerability in the HTTP service (spywall/ipchange.php and related endpoints). The core issue is improper input handling and insecure usage of server-side scripts that allows an attacker to inject or ...

10CVSS7.5AI score0.72596EPSS
In wildExploits22References3Affected Software1
Rows per page
Query Builder