3 matches found
CVE-2018-18371
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext authentication credentials for a remote FTP serve...
CVE-2018-18371
The CVE-2018-18371 issue affects the ASG/ProxySG FTP proxy WebFTP mode, enabling information disclosure by exposing plaintext credentials stored in the device’s web listing of FTP servers when users access an FTP server via ftp:// in a browser. Affected versions include ASG 6.6 and 6.7 prior to 6...
XSS and Information Disclosure Vulnerabilities in ASG and ProxySG
SUMMARY The Symantec ASG and ProxySG FTP proxy WebFTP mode is susceptible to XSS and information disclosure vulnerabilities. A remote attacker can inject malicious JavaScript code in the web listing of a remote FTP server and obtain authentication credentials for a remote FTP server. AFFECTED...