52 matches found
EUVD-2015-2940
Malware in sbrugna...
EUVD-2015-2941
Malware in sbrugna...
EUVD-2015-2942
Malware in sbrugna...
EUVD-2016-1444
Malware in sbrugna...
EUVD-2017-6985
Malware in sbrugna...
Code injection
Symantec SSL Visibility SSLV 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat ROBOT attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remo...
CVE-2017-15533
Symantec SSL Visibility SSLV 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat ROBOT attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remo...
CVE-2017-15533
Symantec SSL Visibility SSLV 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat ROBOT attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remo...
CVE-2017-15533
CVE-2017-15533 is tied to Symantec SSL Visibility (SSLV) affecting versions 3.8.4FC, 3.10 before 3.10.4.1, 3.11, and 3.12 before 3.12.2.1. The vulnerability is a variation of the Bleichenbacher/ROBOT padding oracle attack, where a remote attacker who has a pre-recorded SSL session can perform mil...
CVE-2017-15533
Symantec SSL Visibility SSLV 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat ROBOT attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remo...
SA165: NTP Vulnerabilities February 2018
SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target fro...
SA163: OpenSSH Vulnerability October 2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to a security vulnerability. A remote attacker with read-only access to an SFTP server can create a large number of zero-length files and deplete the target's hard disk space. AFFECTED PRODUCTS The...
SA159: OpenSSL Vulnerabilities 7-Dec-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to two security vulnerabilities. A remote attacker can obtain Diffie-Hellman private key information and sensitive information accidentally transmitted in plaintext over an SSL/TLS connection. AFFECTED...
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...
SA150: NSS Vulnerability April 2017
SUMMARY Symantec Network Protection products using affected versions of NSS are susceptible to a security vulnerability. A remote attacker can send crafted Base64-encoded data and execute arbitrary code or cause denial of service through an application crash. AFFECTED PRODUCTS The following...
JVN#91438377: SSL Visibility Appliance may generate illegal RST packets
SSL Visibility Appliance provided by Blue Coat Systems, Inc. is used as a transparent proxy for encrypted traffic management. It is reported that the appliance generates RST packets with incorrect sequence numbers when it receives HTTPS requests from certain web browsers. When the web server behi...
CVE-2016-10259
Symantec SSL Visibility SSLV 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connecti...
CVE-2016-10259
Symantec SSL Visibility SSLV 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connecti...
CVE-2016-10259
Symantec SSL Visibility (SSLV) is affected by CVE-2016-10259. Affected versions: SSLV 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1. Description: under certain conditions, a malicious SSL client can cause the SSL server’s TCP connection pool to be exhausted, leading to a denial of ...
CVE-2016-10259
Symantec SSL Visibility SSLV 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connections. A malicious SSL client can, under certain circumstances, temporarily exhaust the TCP connecti...