EUVD-2007-3143

Malware in sbrugna...

EUVD-2016-6709

Malware in sbrugna...

EUVD-2007-2774

Malware in sbrugna...

EUVD-2008-1048

Malware in sbrugna...

SA163: OpenSSH Vulnerability October 2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to a security vulnerability. A remote attacker with read-only access to an SFTP server can create a large number of zero-length files and deplete the target's hard disk space. AFFECTED PRODUCTS The...

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...

SA157: OpenSSL Vulnerabilities 28-Aug-2017 and 2-Nov-2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can send a crafted X.509 certificate to cause unspecified impact. They can exploit, under certain circumstances, a computational flaw in the Montgomery...

SA150: NSS Vulnerability April 2017

SUMMARY Symantec Network Protection products using affected versions of NSS are susceptible to a security vulnerability. A remote attacker can send crafted Base64-encoded data and execute arbitrary code or cause denial of service through an application crash. AFFECTED PRODUCTS The following...

SA141 : OpenSSL Vulnerabilities 26-Jan-2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain private key information. AFFECTED PRODUCTS The following products are vulnerable:...

SA131 : TCP Session Hijacking in Operating Systems Supporting RFC 5961

SUMMARY Blue Coat products that include a vulnerable version of an operating system that supports RFC 5961 are susceptible to a TCP session hijacking vulnerability. A remote, off-path attacker can infer the sequence numbers of an existing TCP connection, and either reset the connection or inject...

Blue Coat PacketShaper S-Series Information Disclosure Vulnerability

Blue Coat PacketShaper S-Series is a scalable S-Series WAN optimization and network QoS platform from Blue Coat Systems. The platform provides bandwidth cost control, application performance optimization and network performance monitoring. An information disclosure vulnerability exists in the HTT...

CVE-2016-5774

The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters...

CVE-2016-5774

The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters...

Design/Logic Flaw

The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters...

CVE-2016-5774

CVE-2016-5774 affects Blue Coat PacketShaper S-Series: the HTTPS server in 11.5.x before 11.5.3.2 uses insecure cryptographic parameters, enabling a remote attacker to obtain credentials and other sensitive information via management interfaces. Affected product: PacketShaper S-Series 11.5.x (bef...

CVE-2016-5774

The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters...

SA127 : PacketShaper S-Series Insecure Cryptographic Parameters

SUMMARY The HTTPS web UI in PacketShaper S-Series 11.5 may use insecure cryptographic parameters for incoming management connections. A remote attacker who can be a man-in-the-middle, under certain circumstances, may be able to exploit this vulnerability to obtain user authentication credentials...

SA124 : NSS Vulnerabilities March 2016

SUMMARY Blue Coat products that include affected versions of NSS are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service through application crashes, or to possibly execute arbitrary code. AFFECTED PRODUCTS The following products...

SA123 : OpenSSL Vulnerabilities 3-May-2016

SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to intercept and decrypt TLS sessions, obtain arbitrary data from the target's memory stack, or execute arbitrary code through buffer...

SA120 : Truncated Diffie-Hellman Secret Generation in libssh2

SUMMARY Blue Coat products that include affected versions of libssh2 are susceptible to a truncated Diffie-Hellman secret length vulnerability. A remote man-in-the-middle MITM attacker can exploit this vulnerability to intercept SSH connections that originate from Blue Coat products. The MITM...