19 matches found
EUVD-2007-5763
Malware in sbrugna...
EUVD-2005-3669
Malware in sbrugna...
EUVD-2004-0497
Malware in sbrugna...
Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit
Exploit Title: Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit Author : TOUHAMI KASBAOUI Vendor Homepage : https://www.forcepoint.com/ Software: Stonesoft VPN Windows Version : 6.2.0 / 6.8.0 Tested on : Windows 10 CVE : N/A Description local privilege escalation vertical...
Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation
Exploit Title: Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation Exploit Author : TOUHAMI KASBAOUI Vendor Homepage : https://www.forcepoint.com/ Software: Stonesoft VPN Windows Version : 6.2.0 / 6.8.0 Tested on : Windows 10 CVE : N/A Description local privilege escalation vertical...
Check Point Response to Stonesoft IPS Evasion Techniques published on June 14, 2011
...
Stonesoft Claims To Find More Evasion Techniques in Security Products
Four months after it first went public with a warning about widespread vulnerabilities in network security products, Stonesoft said it has found more than 100 new holes, and that security vendors are doing little to address the problem. The company on Monday announced that it has submitted...
Check Point's Response to Stonesoft's "Advanced Evasion Techniques" (CVE-2010-0102)
...
Warning About IDS Evasion Greeted by Chorus of 'Meh'
‘All your IDS are belong to us,’ was the message on Monday, after researchers at networking security equipment vendor Stonesoft announced the discovery of evasion techniques that could be used by sophisticated attackers to bypass network based IDS and IPS. The disclosure raises questions about th...
CVE-2009-2631
CVE-2009-2631 describes a design-level flaw in multiple clientless SSL VPN products (e.g., Stonesoft StoneGate, Cisco ASA, SonicWALL E-Class SSL VPN, Citrix Access Gateway, Juniper Secure Access, Nortel CallPilot, SafeNet SecureWire) where, if configured to access resources from a different domai...
Design/Logic Flaw
Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection...
CVE-2007-5793
Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection...
CVE-2007-5793
CVE-2007-5793 affects Stonesoft StoneGate IPS before 4.0, where the product fails to properly decode Fullwidth/Halfwidth Unicode encoded data. This vulnerability could allow remote attackers to scan or penetrate systems and avoid detection, per the NVD description. No explicit exploit details or ...
CVE-2007-5793
Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection...
CVE-2005-3672
CVE-2005-3672 concerns the Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1. A remote attacker can cause a denial of service by sending certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The Stonesoft advisory...
CVE-2005-3672
The Internet Key Exchange version 1 IKEv1 implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Stonesoft...
CVE-2004-0498
The CVE concerns StoneSoft firewall engine (H.323 protocol agent) versions 2.2.8 and earlier. The underlying issue is a vulnerability in the H.323 protocol agent that enables remote attackers to cause a denial of service (crash) via crafted H.323 packets. This is a network-exposed issue with a Pa...
CVE-2004-0498
The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to cause a denial of service crash via crafted H.323 packets...
CVE-2004-0498
The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to cause a denial of service crash via crafted H.323 packets...