9 matches found
EUVD-2016-8394
Malware in sbrugna...
Cisco repair Shadow Brokers announced the vulnerability and released technical analysis-vulnerability warning-the black bar safety net
A, event summary 2 0 1 6 years 8 on 1 5 December, a named“The Shadow Brokers”the shadow broker-hacking group claims to Own the intrusion of the Equation Group equation organization of hacking an organization's computer system, and successfully steal a lot of confidential information and hacker...
McAfee LiveSafe Denial of Service Vulnerability
McAfee LiveSafe is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface
When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service. Ref. 89750 CVE-2016-3656 This issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a...
Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface
When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. Ref. 89752 CVE-2016-3657 An attacker with network access to the...
Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface
When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. Ref. 89752 CVE-2016-3657 An attacker with network access to the...
Symantec Web Gateway OS Authenticated Command Injection
SUMMARY Symantec's Web Gateway SWG Appliance management console is susceptible to operating system command injection by an authenticated but less-privileged user. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway Appliance | 5.2.1 and prior | Symantec Web Gateway 5.2...
Symantec Workspace Streaming XMLRPC Unauthenticated Access
SUMMARY The management server for Symantec Workspace Streaming SWS does not properly handle external XMLRPC requests, which could potentially allow unauthorized access to restricted server-side data and server functionality. A remote user could potential create a backdoor on the targeted server...
Symantec LiveUpdate Administrator Cross-Site Request Forgery
SUMMARY Symantecs LiveUpdate Administrator LUA is susceptible to a cross-site request forgery vulnerability which could result in the execution of HTML or script code in the context of the admins browser. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec LiveUpdate Administrator...