674 matches found
CVE-2011-1904
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command...
CVE-2011-1905
Multiple cross-site request forgery CSRF vulnerabilities in unspecified administrative modules in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allow remote attackers to hijack the authentication ...
CVE-2011-1901
The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors...
ZyWALL USG Appliance - Multiple Vulnerabilities
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...
Check Point SSL VPN On-Demand应用程序远程代码执行漏洞
Bugtraq ID: 47695 CVE ID:CVE-2011-1827 SNX SecureWorkSpace和Endpoint Security On-Demand可从Connectra或security gateways下载的客户端,可实现按需远程连接。它们可使用Check Point Deployment Agent Java applet或ActiveX控件配置在浏览中。 应用程序SSL网络扩展器SNX, SecureWorkSpace和Endpoint Security On-Demand通过浏览器配置时,容易受到恶意网站的攻击,导致在末端用户机器上执行任意恶意代码。...
Design/Logic Flaw
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service interface outage...
Microsoft SMB Client Memory Allocation Memory Corruption (MS10-020; CVE-2010-0269)
The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A elevation of privilege vulnerability has been reported in the Microsoft Windows Server Message Block SMB client implementation. The vulnerability is due to an error in the Microsoft SMB client...
Microsoft Windows SMB Client Pool Corruption (MS10-006; CVE-2010-0016)
The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote code execution vulnerability has been reported in the Microsoft Server Message Block SMB Protocol. The vulnerability is due to an error in the Microsoft SMB implementation that improperly...
IBM DataPower XS40 security gateway DoS
ICMP packet with destination address 0.0.0.0 causes device to hang...
Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting
Overview Canon IT Solutions Inc. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Ohji Kashiwazaki of GLOBAL SECURITY EXPERTS Inc. reported this vulnerabili...
JVN#33822756 Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting
Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by...
CVE-2009-0120
The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service device reboot by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data...
CVE-2009-0120
The CVE-2009-0120 entry affects IBM WebSphere DataPower XML Security Gateway XS40 firmware 3.6.1.5. It allows remote attackers to cause a denial of service (device reboot) by sending data over an established SSL connection (demonstrated using the string abc\r\n\r\n). The NVD entry lists a high im...
CVE-2009-0120
The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote attackers to cause a denial of service device reboot by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data...
IBM DataPower XS40 Security Gateway DoS
Crash on malformed SSL data...
IBM WebSphere DataPower XML Security Gateway XS40远程拒绝服务漏洞
BUGTRAQ ID: 33169 CNCAN ID:CNCAN-2009010903 IBM WebSphere DataPower XML Security Gateway XS40是一款XML安全网关。 通过已经建立的SSL连接,发送简单的random?字符串给IBM DataPower XS40安全网关设备,可导致设备重启,造成拒绝服务攻击。 IBM WebSphere DataPower XML Security Gateway XS40 3.6.1 .5 厂商解决方案 目前没有解决方案提供:...
IBM DataPower XS40 Denial Of Service
It appears it is possible to crash the IBM DataPower XS40 Security Gateway device by sending a simple random? string to it, over an established SSL-connection. The device reboots as a response to the input. Tested vulnerable firmware is 3.6.1.5 Issue fixed as tested in 3.6.1.12 Tested as follows...
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service
IBM Websphere DataPower XML Security Gateway 3.6.1 XS40 - Remote Denial of Service source: https://www.securityfocus.com/bid/33169/info IBM WebSphere DataPower XML Security Gateway XS40 is prone to a remote denial-of-service vulnerability because it fails to handle user-supplied input. Remote...
CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability
Oracle is a widely-deployed Database Management System DBMS that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism...
CVE-2008-4485
Cross-site scripting XSS vulnerability in the ICAP patience page in Blue Coat Security Gateway OS SGOS 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL...