11 matches found
IBM Proventia Network Mail Security System 2.5 POST File Read
No description provided by source. !/usr/bin/python ''' Author: muts of Offensive Security Product: IBM ISS Proventia Mail Security Version: 2.5 Vendor Site: http://www.ibm.com/us/en/ Product Page: http://www-935.ibm.com/services/us/en/it-services/proventia-network-mail-security-system.html...
IBM Proventia Network Mail Security System 2.5 - POST File Read
IBM Proventia Network Mail Security System 2.5 - POST File Read !/usr/bin/python ''' Author: muts of Offensive Security Product: IBM ISS Proventia Mail Security Version: 2.5 Vendor Site: http://www.ibm.com/us/en/ Product Page:...
Directory traversal
Directory traversal vulnerability in sla/index.php in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5 allows remote authenticated users to read arbitrary files via a .. dot dot in the l parameter, related to an "Insecur...
CVE-2010-0152
Multiple cross-site scripting XSS vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via 1 the date1 parameter to pvmmessagestore.php, 2...
CVE-2010-0153
Multiple cross-site request forgery CSRF vulnerabilities in the Local Management Interface LMI on the IBM Proventia Network Mail Security System PNMSS appliance with firmware before 2.5.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 change settings o...
CVE-2010-0152
The CVE-2010-0152 entry corresponds to multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) of the IBM Proventia Network Mail Security System (PNMSS) appliance, affecting firmware prior to 2.5.0.2. The XSS flaws enable injection of arbitrary script/HTML via ...
Proventia Network Mail Security System Insecure Direct Object Reference
Security Advisory: MVSA-10-008 / CVE-2010-0154 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: Insecure Direct Object Reference Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-008...
MVSA-10-009 / CVE-2010-0155 - IBM Proventia Network Mail Security System - CRLF Injection vulnerability
Security Advisory: MVSA-10-009 / CVE-2010-0155 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: CRLF Injection Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-009 Description Web-based...
MVSA-10-006 / CVE-2010-0153 - IBM Proventia Network Mail Security System - Cross-Site Request Forgery vulnerabilities
Security Advisory: MVSA-10-006 / CVE-2010-0153 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: Cross-Site Request Forgery XSRF Risk: High Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-006 Descripti...
Proventia Network Mail Security System CRLF Injection
Security Advisory: MVSA-10-009 / CVE-2010-0155 Vendor: IBM Products: Proventia Network Mail Security System Vulnerabilities: CRLF Injection Risk: Medium Attack Vector: From Remote Authentication: Required Reference: http://www.ventuneac.net/security-advisories/MVSA-10-009 Description Web-based...
CVE-2009-2543
CVE-2009-2543 (and closely related CVE-2009-1240) describes unspecified vulnerabilities in the IBM Proventia engine 4.9.0.0.44 (20081231) used in multiple IBM Proventia products that allow remote attackers to bypass malware detection by presenting modified archive formats (ZIP/CAB or RAR). The co...