18 matches found
EUVD-2012-2590
Malware in sbrugna...
EUVD-2012-2592
Malware in sbrugna...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
CVE-2012-2604
Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
Zhongkexinye Network Sentry Arbitrary Command Execution Vulnerability (CNVD-2015-07915)
ZKXY Network Sentinel is an Internet security auditing system that integrates behavioral auditing and content auditing, and is deployed as a bypass at the network egress. ZKXN Network Sentry suffers from an arbitrary command execution vulnerability. An attacker can exploit the vulnerability to...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
Authentication flaw
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...
CVE-2012-2604
Multiple cross-site scripting XSS vulnerabilities in GuestAccess.jsp in the Guest/Contractor access component in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields...
CVE-2012-2605
Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Bradford Network Sentry before 5.3.3 allow remote attackers to hijack the authentication of administrators for requests that 1 insert XSS sequences or 2 send messages to clients...
CVE-2012-2606
The agent in Bradford Network Sentry before 5.3.3 does not require authentication for messages, which allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to UDP port 4567, as demonstrated by a replay attack...
CVE-2012-2605
Bradford Network Sentry
CVE-2012-2604
CVE-2012-2604 corresponds to multiple XSS vulnerabilities in Bradford Network Sentry’s Administrative GuestAccess.jsp (Guest/Contractor access). The affected component is Bradford Network Sentry before version 5.3.3, where remote authenticated users can inject arbitrary web script or HTML via uns...
CVE-2012-2606
Bradford Network Sentry before 5.3.3 contains an authentication flaw in the agent listening on UDP port 4567. The lack of authentication allows a remote attacker to trigger the display of arbitrary text on a workstation via a crafted UDP packet, demonstrated by a replay attack. Affected product i...
Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities
Overview Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities which could allow an attacker to execute arbitrary code with the privileges of the application. Description Bradford Network Sentry v5.3 NS500 appliance contains multiple vulnerabilities:CWE-79: Improper...