9 matches found
Electric Sheep Fencing pfsense command injection vulnerability
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A command injection vulnerability exists in the statusinterfaces.php file in Electric Sheep Fencing pfSense versions prior to 2.4.4, which can be exploited by an attack...
Electric Sheep Fencing pfsense clickjacking vulnerability
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A clickjacking vulnerability exists in Electric Sheep Fencing pfSense 2.4.1 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...
ESF pfSense squid_clwarn.php Cross Site Scripting
A cross-site scripting vulnerability has been reported in squid package of Electric Sheep Fencing pfSense firewall. The vulnerability is due to insufficient validation of the url, source, user and virus variables in the squidclwarn.php page. By convincing a user to visit a malicious website, a...
Electric Sheep Fencing pfsense cross-site scripting vulnerability (CNVD-2015-05672)
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A cross-site scripting vulnerability exists in Electric Sheep Fencing pfsense, which can be exploited by remote attackers to inject arbitrary Web script or HTML...
Electric Sheep Fencing pfsense cross-site scripting vulnerability (CNVD-2015-05673)
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A cross-site scripting vulnerability exists in Electric Sheep Fencing pfsense, which can be exploited by remote attackers to inject arbitrary Web script or HTML...
Electric Sheep Fencing pfsense cross-site scripting vulnerability
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A cross-site scripting vulnerability exists in Electric Sheep Fencing pfsense versions prior to 2.2.3, which stems from the systemauthservers.php script failing to...
Electric Sheep Fencing Pfsense 'zone' Parameter Cross-Site Scripting Vulnerability
Electric Sheep Fencing pfsense is a free and open source FreeBSD-based firewall and router software from Electric Sheep Fencing. A cross-site scripting vulnerability exists in Electric Sheep Fencing Pfsense that stems from the program's failure to adequately filter user-submitted input. When a us...
ESF pfSense status_captiveportal Cross Site Scripting (CVE-2015-2294)
A cross-site scripting vulnerability has been reported in Electric Sheep Fencing pfSense firewall. The vulnerability is due to insufficient validation of the zone variable in the statuscaptiveportal page. A remote attacker can exploit the XSS vulnerability to execute arbitrary scripts in the user...
pfSense 2.2 - Multiple Vulnerabilities
Advisory ID: HTB23251 Product: pfSense Vendor: Electric Sheep Fencing LLC Vulnerable Versions: 2.2 and probably prior Tested Version: 2.2 Advisory Publication: March 4, 2015 without technical details Vendor Notification: March 4, 2015 Vendor Patch: March 5, 2015 Public Disclosure: March 25, 2015...