674 matches found
CVE-2008-4485
CVE-2008-4485: XSS in the ICAP Patience page of Blue Coat SGOS. Affects SGOS 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7; remote attackers can inject arbitrary script via the URL. Connected sources confirm the issue; no patch/mitigation details are provided in the documents.
CVE-2008-4485
Cross-site scripting XSS vulnerability in the ICAP patience page in Blue Coat Security Gateway OS SGOS 4.2 before 4.2.9, 5.2 before 5.2.5, and 5.3 before 5.3.1.7 allows remote attackers to inject arbitrary web script or HTML via the URL...
Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability
Description Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to...
Authentication flaw
The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...
CVE-2007-4243
Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway ASG 7 allows remote attackers to cause a denial of service CPU consumption via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data...
CVE-2007-4242
The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...
CVE-2007-4243
Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway ASG 7 allows remote attackers to cause a denial of service CPU consumption via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data...
CVE-2007-4242
The pop3 Proxy in Astaro Security Gateway ASG 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment...
CVE-2007-4243
CVE-2007-4243 affects Astaro Security Gateway (ASG) 7, via a flaw in pfilter-reporter.pl that can cause a denial of service by consuming CPU when handling certain network traffic. Public demonstrations referenced P2P and iTunes traffic consuming large data volumes. Multiple connected sources reaf...
CVE-2007-4242
CVE-2007-4242 affects the Pop3 Proxy in Astaro Security Gateway (ASG) 7 . The issue is that attachments exceeding the maximum allowed size are not scanned for viruses and are passed through, enabling a bypass of virus scanning. The connected documents confirm the affected component and the root c...
CVE-2007-3253
Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...
CVE-2007-3253
The CVE-2007-3253 entry relates to Astaro Security Gateway (ASG) prior to 7.005. The documented issues are three DoS vectors: (1) email path triggering the SMTP Proxy to stop during scanning, (2) HTTP traffic causing the HTTP proxy to stop or slow during responses that include virus-scanned pages...
CVE-2007-3253
Multiple unspecified vulnerabilities in Astaro Security Gateway ASG before 7.005 allow remote attackers to cause a denial of service via 1 certain email, which stops the SMTP Proxy during scanning; 2 certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing...
CheckPoint Connectra端点绕过安全检测漏洞
Check Point Connectra是一款Web安全网关,提供 SSL VPN 访问,并在一个统一的解决方案内集成了终端安全和应用安全。 Connectra在处理端点访问认证时存在漏洞,远程攻击者可能通过伪造认证信息来绕过安全检测,非授权获取访问。 Connectra的一个主要功能是综合端点安全服务,具体来讲,就是在客户端连接到内部网络之前会对客户端执行测试,检查该计算机是否存在安全风险,如果检测出风险就会提示用户风险的详细信息,并在该用户登陆到网络之前会要求再次进行测试。...
CVE-2006-0578
Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...
Authentication flaw
Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...
CVE-2006-0578
CVE-2006-0578 affects Blue Coat Proxy Security Gateway OS (SGOS) version 4.1.2.1. The issue arises because Deep Content Inspection does not enforce CONNECT rules, which can allow remote attackers to bypass connection filters. The connected PT-2006-1640 entry corroborates that remote bypass is pos...
CVE-2006-0578
Blue Coat Proxy Security Gateway OS SGOS 4.1.2.1 does not enforce CONNECT rules when using Deep Content Inspection, which allows remote attackers to bypass connection filters...
PT-2006-1640 · Blue Coat · Blue Coat Proxy Security Gateway Os
Name of the Vulnerable Software and Affected Versions: Blue Coat Proxy Security Gateway OS SGOS version 4.1.2.1 Description: The issue allows remote attackers to bypass connection filters due to the lack of enforcement of CONNECT rules when using Deep Content Inspection. Recommendations: For...
CVE-2004-2397
The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates...