EUVD-2001-1085

Malware in sbrugna...

SonicWALL SOHO 5.1.7 Web Interface Multiple Remote Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12984/info Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generat...

SonicWall SOHO Web Interface XSS Vulnerability

SonicWall SOHO appliance are prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SonicWALL SOHO Web Interface Multiple Remote Input Validation Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 the user login name, which is not filtered when the administrator views the log file. CVE: CVE-2005-1006 Last updated: July 11, 2017, 1:32 a...

sonicwallXSS.txt

SonicWALL SOHO/10 - XSS and Code Injection vulnerability ======================================================== Product: ======== SonicWall SOHO/10 is the 2nd generation Internet Security Appliance from Sonicwall, with firewall-, vpn-, contentfiltering- and other capabilities. Vulnerability:...

SonicWALL SOHO Web Interface XSS

The remote host is a SonicWALL SOHO appliance. This version is affected by multiple issues, specifically a cross- site scripting vulnerability due to a lack of sanitization of user-supplied data. Successful exploitation of this issue may allow an attacker to execute malicious script code on a...

SonicWALL SOHO/10 firewall crossite scripting

No description provided...

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities

SonicWALL SOHO 5.1.7 - Web Interface Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/12984/info Multiple remote input validation vulnerabilities affect SonicWALL SOHO. These issues are due to a failure of the application to properly sanitize user-supplie...

Sonicwall SOHO Content Blocking Script Injection, LogFile Denial of Service

This advisory may be reproduced unmodified. Sonicwall SOHO Content Blocking Script Injection and Logfile DoS Test Unit : Sonicwall SOHO3 Firmware version: 6.3.0.0 ROM version: 5.0.1.0 Severity : Medium Issue : Sonicwall Allows administrators to block websites based on a user entered list of...

CVE-2001-1104

SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions...

CVE-2001-1104

SonicWALL SOHO is affected by CVE-2001-1104 due to predictable TCP Initial Sequence Numbers, enabling remote attackers to spoof/hijack sessions. The vulnerability affects the firewall component handling TCP connections; exploitation could allow session hijacking without user interaction. A remedi...

Weak TCP Sequence Numbers in Sonicwall SOHO Firewall

This may not seem bad, but to me it seems that this defeats the point of NAT if somebody can steal your sessions. Note the section on TCP sequence prediction. This was a Sonicwall SOHO firewall. ======= Host 192.168.1.254 appears to be up ... good. Initiating SYN half-open stealth scan against...

CVE-2001-1104

SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions...

SonicWALL SOHO Firewall Predictable TCP Initial Sequence Number Vulnerability

SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. CVE: CVE-2001-1104 Last updated: Sept. 5, 2008, 8:25 p.m...

CVE-2000-1097

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page...

CVE-2000-1097

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page...

CVE-2000-1098

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request...

Soho Firewall CVE-2000-1098 Denial-Of-Service Vulnerability

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. CVE: CVE-2000-1098 Last updated: Sept. 5, 2008, 8:22 p.m...

SonicWALL SOHO username denial of service

The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. CVE: CVE-2000-1097 Last updated: Oct. 10, 2017, 1:29 a.m...

DoS in Sonicwall SOHO firewall

Hi, i was just playing a bit with a Sonicwall SOHO firewall, to verify performances and security of the product. I've noticed that using a very long string some hundreds of chars as the User Name in the auth page of the Sonicwall web server, the firewall reacts strangely: it begins to refuse...