Lucene search
K

81 matches found

Cvelist
Cvelist
added 2010/06/15 1:0 a.m.22 views

CVE-2010-2289

Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 Build 14599 and 6.5R2 Build 14951 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter...

6.6AI score0.01365EPSS
Exploits1References8
securityvulns
securityvulns
added 2010/06/15 12:0 a.m.124 views

PR09-17: Juniper Secure Access seriers (Juniper IVE) authenticated XSS & REDIRECTION

PR09-17: Juniper Secure Access series Juniper IVE authenticated XSS & REDIRECTION http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr09-17 Vulnerability found: 12th October 2009 Vendor informed: 12 October 2009 Severity: Medium Script injection Description: There are multiple...

5.6AI score
Exploits0
Exploit DB
Exploit DB
added 2010/06/09 12:0 a.m.81 views

Juniper Networks SA2000 SSL VPN Appliance - 'welcome.cgi' Cross-Site Scripting

source: https://www.securityfocus.com/bid/41664/info Juniper Networks SA2000 SSL VPN appliance is prone to a cross-site scripting vulnerability because the web interface fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/06/09 12:0 a.m.22 views

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting

Juniper Networks SA2000 SSL VPN Appliance - welcome.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/41664/info Juniper Networks SA2000 SSL VPN appliance is prone to a cross-site scripting vulnerability because the web interface fails to properly sanitize user-supplied input. An...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2010/03/11 12:0 a.m.40 views

Juniper SA Series Cross Site Scripting Issue

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 o PROBLEM DETAILS The Juniper Secure Access SA web interface allows users to manage the bookmarks on their landing page. This bookmark management functionality does not filter user input properly and can allow cross site scripting attacks. Upon...

6.3AI score
Exploits0
Metasploit
Metasploit
added 2009/07/30 3:47 p.m.23 views

Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN IVE appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten. This module...

7.5CVSS7.4AI score0.67312EPSS
Exploits3
seebug.org
seebug.org
added 2007/06/25 12:0 a.m.21 views

Juniper Networks IVE OS LDAP Referrals TLS明文密码漏洞

Juniper IVE OS是一款即时虚拟外网技术,用于安全访问SSL VPN设备。 使用TLS的Juniper IVE OS存在密码泄露问题,远程攻击者可以利用漏洞获得明文密码信息对系统进行进一步攻击。 攻击者可以通过嗅探网络通信获得用户敏感信息。目前没有详细漏洞细节提供。 Juniper Networks IVE OS 6.0 Juniper Networks IVE OS 5.4 目前没有详细解决方案提供: http://www.juniper.net...

7.1AI score
Exploits0
CERT
CERT
added 2006/05/04 12:0 a.m.38 views

Juniper Networks IVE client ActiveX control buffer overflow

Overview The ActiveX control used by Juniper IVE OS devices contains a buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable client. Description Juniper IVE OS is an operating system used by Juniper devices, such as the Juniper Networks Secu...

7.5CVSS7.4AI score0.67312EPSS
Exploits3References3
Prion
Prion
added 2006/04/29 10:2 a.m.16 views

Buffer overflow

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.5CVSS8.5AI score0.67312EPSS
Exploits3References11
NVD
NVD
added 2006/04/29 10:2 a.m.11 views

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.5CVSS7.8AI score0.67312EPSS
Exploits3References11
CVE
CVE
added 2006/04/29 10:0 a.m.72 views

CVE-2006-2086

The CVE-2006-2086 issue is a buffer overflow in the JuniperSetupDLL.dll loaded by JuniperSetup.ocx used by the Juniper SSL-VPN Client to access Juniper NetScreen IVE devices running IVE OS pre-final versions. The vulnerability is triggered by a long argument in the ProductName parameter, allowing...

7.5CVSS7.8AI score0.67312EPSS
Exploits3References11Affected Software1
Cvelist
Cvelist
added 2006/04/29 10:0 a.m.22 views

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.8AI score0.67312EPSS
Exploits3References11
securityvulns
securityvulns
added 2005/12/31 12:0 a.m.21 views

[Full-disclosure] Replay Attack Vulnerability on Sonys Instant Video Everywhere Service

Replay Attack Vulnerability on Sonys Instant Video Everywhere Service http://www.iptel.org/security/2005-12-31.html December 31, 2005 I. Background Sony offers a SIP based voice and video service called IVE. By downloading a client application for the Windows operating system everybody can make...

0.9AI score
Exploits0
CVE
CVE
added 2004/11/19 5:0 a.m.45 views

CVE-2004-0939

CVE-2004-0939 affects Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x when LDAP or NT domain authentication is enabled. The flaw is an unauthenticated brute-force risk caused by not limiting the number of password attempts during changepassword.cgi, allowing remote password guessing. Public s...

5CVSS7.4AI score0.01644EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.34 views

Neoteris IVE password bruteforcing

Change password page doesn't limit the number of attempts...

1.6AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.26 views

[Gosecure Adivsory] Neoteris IVE Vulnerability

Gosecure Advisory http://www.gosecure.ca Neoteris IVE changepassword.cgi Authentication Bypass Date Published: 2004-09-20 Date Discovered: 2004-07-23 Advisory ID: GOSECURE-2004-10 Class: Design Error Risk: Medium Vendor: Juniper Networks www.juniper.net Advisory URL:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.25 views

[Gosecure Adivsory] Neoteris IVE Vulnerability

Gosecure Advisory http://www.gosecure.ca Neoteris IVE changepassword.cgi Authentication Bypass Date Published: 2004-09-20 Date Discovered: 2004-07-23 Advisory ID: GOSECURE-2004-10 Class: Design Error Risk: Medium Vendor: Juniper Networks www.juniper.net Advisory URL:...

0.3AI score
Exploits0
CERT
CERT
added 2004/03/09 12:0 a.m.30 views

NetScreen Instant Virtual Extranet (IVE) platform contains cross-site scripting vulnerability in delhomepage.cgi

Overview NetScreen Instant Virtual Extranet IVE platform contains a cross-site scripting vulnerability in the row parameter of delhomepage.cgi, which could allow an attacker to mount a cross-site scripting attack. Description The Instant Virtual Extranet platform is an application security gatewa...

6.1AI score
Exploits0References4
CVE
CVE
added 2003/05/14 4:0 a.m.61 views

CVE-2003-0217

CVE-2003-0217 describes a cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) up to version 3.01, where an input parameter passed to a CGI script (notably swsrv.cgi) could be exploited to hijack a user session and bypass authentication. The underlying issue is impr...

6.8CVSS6.1AI score0.01321EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/05/14 12:0 a.m.40 views

XSS In Neoteris IVE Allows Session Hijacking

Note to Moderator: In light of some recent cross-site scripting posts allowed through to Bugtraq recently, grateful if you would pass this one onto the list....thanks. -d. ----------------------------------------------------------------------------------------------------=sMax. Security Advisory=...

6.8CVSS0.9AI score0.01321EPSS
Exploits0
Rows per page
Query Builder