674 matches found
Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities
Title: ====== Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=8 VL-ID: ===== 8 Introduction: ============= Das Astaro Security Gateway 625 wurde speziell fur den Schutz gro?er Unternehm...
Astaro Security Gateway crossite scripting
Multiple crossite scripting possibilities...
Astaro Security Gateway Detection
Astaro Security Gateway, a suite of network / mail / web security tools, is running on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58107; scriptversion"1.6"; scriptcvsdate"Date: 2020/01/22"; scriptnameenglish:"Astaro Security Gateway Detection";...
Astaro Security Gateway Whitelist Bypass
Advisory Information Title: Astaro Security Gateway - bypass using whitelist domain pattern weakness upSploit Ref: UPS-2011-0041 Advisory Summary Astaro Security Gateway's default Web Filtering Exceptions allow specially-named domains to bypass security features of the firewall. Vendor Astaro...
Astaro Security Gateway 8.1 Cross Site Scripting
Title: ====== Astaro Security Gateway v8.1 - Input Validation Vulnerability Date: ===== 2011-12-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=193 VL-ID: ===== 193 Introduction: ============= Das Astaro Security Gateway 8.101 wurde speziell für den Schutz großer...
Astaro Gateway v8.1 - Input Validation Vulnerability
Document Title: =============== Astaro Gateway v8.1 - Input Validation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=193 Release Date: ============= 2011-12-26 Vulnerability Laboratory ID VL-ID: ==================================== 193...
Websense 7.6 Products - 'favorites.exe' Authentication Bypass
source: https://www.securityfocus.com/bid/51087/info Multiple Websense products are prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access. The following Websense products are affected: Websense...
Websense 7.6 Products - favorites.exe Authentication Bypass
Websense 7.6 Products - favorites.exe Authentication Bypass source: https://www.securityfocus.com/bid/51087/info Multiple Websense products are prone to an authentication-bypass vulnerability. Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized...
CVE-2011-1904
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
CVE-2011-1903
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
CVE-2011-1902
Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors...
Sql injection
SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors...
Command injection
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
Directory traversal
Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication ...
CVE-2011-1905
Multiple cross-site request forgery CSRF vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication ...
CVE-2011-1903
The entry CVE-2011-1903 describes a SQL injection vulnerability in an unspecified function of Proofpoint Messaging Security Gateway (versions up to 6.2.0.263:6.2.0.237) and Proofpoint Protection Server (5.5.3–5.5.5, 6.0.2, 6.1.1, 6.2.0). The vulnerability allows remote attackers to execute arbitr...
CVE-2011-1904
CVE-2011-1904 affects Proofpoint products: Messaging Security Gateway 6.2.0.263/6.2.0.237 and earlier versions of Protection Server (5.5.3–5.5.5, 6.0.2, 6.1.1, 6.2.0). The issue is described as an unspecified function in the web interface that allows remote command execution via unknown vectors, ...
CVE-2011-1904
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
CVE-2011-1901
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors...