Lucene search
K

674 matches found

CVE
CVE
added 2008/10/08 1:0 a.m.47 views

CVE-2008-4485

CVE-2008-4485: XSS in the ICAP Patience page of Blue Coat SGOS. Affects SGOS 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7; remote attackers can inject arbitrary script via the URL. Connected sources confirm the issue; no patch/mitigation details are provided in the documents.

4.3CVSS5.8AI score0.01528EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2008/10/08 1:0 a.m.20 views

CVE-2008-4485

Cross-site scripting XSS vulnerability in the ICAP patience page in Blue Coat Security Gateway OS SGOS 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL...

5.8AI score0.01528EPSS
Exploits0References9
Symantec
Symantec
added 2008/07/08 12:0 a.m.27 views

Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability

Description Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to...

0.5AI score
Exploits0References30Affected Software79
Prion
Prion
added 2007/08/08 10:17 p.m.15 views

Authentication flaw

The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...

5CVSS7.2AI score0.01544EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/08/08 10:17 p.m.12 views

CVE-2007-4243

Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway ASG 7 allows remote attackers to cause a denial of service CPU consumption via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data...

7.8CVSS6.6AI score0.02561EPSS
Exploits0References14
NVD
NVD
added 2007/08/08 10:17 p.m.18 views

CVE-2007-4242

The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...

5CVSS6.6AI score0.01544EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/08/08 10:0 p.m.20 views

CVE-2007-4243

Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway ASG 7 allows remote attackers to cause a denial of service CPU consumption via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data...

6.6AI score0.02561EPSS
Exploits0References14
Cvelist
Cvelist
added 2007/08/08 10:0 p.m.22 views

CVE-2007-4242

The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...

6.6AI score0.01544EPSS
Exploits0References6
CVE
CVE
added 2007/08/08 10:0 p.m.53 views

CVE-2007-4243

CVE-2007-4243 affects Astaro Security Gateway (ASG) 7, via a flaw in pfilter-reporter.pl that can cause a denial of service by consuming CPU when handling certain network traffic. Public demonstrations referenced P2P and iTunes traffic consuming large data volumes. Multiple connected sources reaf...

7.8CVSS6.6AI score0.02561EPSS
Exploits0References14Affected Software1
CVE
CVE
added 2007/08/08 10:0 p.m.40 views

CVE-2007-4242

CVE-2007-4242 affects the Pop3 Proxy in Astaro Security Gateway (ASG) 7 . The issue is that attachments exceeding the maximum allowed size are not scanned for viruses and are passed through, enabling a bypass of virus scanning. The connected documents confirm the affected component and the root c...

5CVSS6.6AI score0.01544EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/06/18 10:30 a.m.17 views

CVE-2007-3253

Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...

7.8CVSS7AI score0.02945EPSS
Exploits0References8
CVE
CVE
added 2007/06/18 10:0 a.m.43 views

CVE-2007-3253

The CVE-2007-3253 entry relates to Astaro Security Gateway (ASG) prior to 7.005. The documented issues are three DoS vectors: (1) email path triggering the SMTP Proxy to stop during scanning, (2) HTTP traffic causing the HTTP proxy to stop or slow during responses that include virus-scanned pages...

7.8CVSS7AI score0.02945EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/06/18 10:0 a.m.21 views

CVE-2007-3253

Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...

7AI score0.02945EPSS
Exploits0References8
seebug.org
seebug.org
added 2007/01/23 12:0 a.m.24 views

CheckPoint Connectra端点绕过安全检测漏洞

Check Point Connectra是一款Web安全网关,提供 SSL VPN 访问,并在一个统一的解决方案内集成了终端安全和应用安全。 Connectra在处理端点访问认证时存在漏洞,远程攻击者可能通过伪造认证信息来绕过安全检测,非授权获取访问。 Connectra的一个主要功能是综合端点安全服务,具体来讲,就是在客户端连接到内部网络之前会对客户端执行测试,检查该计算机是否存在安全风险,如果检测出风险就会提示用户风险的详细信息,并在该用户登陆到网络之前会要求再次进行测试。...

7AI score
Exploits0
NVD
NVD
added 2006/02/08 1:2 a.m.11 views

CVE-2006-0578

Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...

7.5CVSS6.8AI score0.0176EPSS
Exploits0References7
Prion
Prion
added 2006/02/08 1:2 a.m.16 views

Authentication flaw

Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...

7.5CVSS7.3AI score0.0176EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2006/02/08 1:0 a.m.50 views

CVE-2006-0578

CVE-2006-0578 affects Blue Coat Proxy Security Gateway OS (SGOS) version 4.1.2.1. The issue arises because Deep Content Inspection does not enforce CONNECT rules, which can allow remote attackers to bypass connection filters. The connected PT-2006-1640 entry corroborates that remote bypass is pos...

7.5CVSS6.8AI score0.0176EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/02/08 1:0 a.m.18 views

CVE-2006-0578

Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...

6.8AI score0.0176EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2006/02/08 12:0 a.m.11 views

PT-2006-1640 · Blue Coat · Blue Coat Proxy Security Gateway Os

Name of the Vulnerable Software and Affected Versions: Blue Coat Proxy Security Gateway OS SGOS version 4.1.2.1 Description: The issue allows remote attackers to bypass connection filters due to the lack of enforcement of CONNECT rules when using Deep Content Inspection. Recommendations: For...

7.5CVSS6.8AI score0.0176EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/08/17 4:0 a.m.19 views

CVE-2004-2397

The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates...

7.4AI score0.00863EPSS
Exploits0References5
Rows per page
Query Builder