90 matches found
Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)
This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...
[SA18689] Symantec Sygate Management Server SQL Injection
TITLE: Symantec Sygate Management Server SQL Injection SECUNIA ADVISORY ID: SA18689 VERIFY ADVISORY: http://secunia.com/advisories/18689/ CRITICAL: Moderately critical IMPACT: Security Bypass, Manipulation of data WHERE: From local network SOFTWARE: Sygate Secure Enterprise 3.x...
Symantec Sygate Secure SQL injection
SQL injection in administration console...
Sql injection
SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server SMS version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL...
CVE-2006-0522
SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server SMS version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL...
Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection
SUMMARY A SQL injection vulnerability in Symantec's Sygate Management Server SMS version 4.1, build 1417 and earlier could potentially allow a remote or local attacker to gain administrative privileges to the SMS server. Risk Impact High Remote Access | Yes ---|--- Local Access | Yes Authenticati...
CVE-2005-4525
SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI SmcGui.exe and then killing the process, which causes the privileged management GUI to launch...
CVE-2005-4525
CVE-2005-4525 affects the Sygate Protection Agent 5.0, build 6144, via the SmcGui.exe component. The described flaw is that a local user can trigger the privileged management GUI by launching SmcGui.exe and then terminating the process, which causes the high-privilege management interface to appe...
CVE-2005-4525
SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI SmcGui.exe and then killing the process, which causes the privileged management GUI to launch...
Sygate Protection Agent protection bypass
Unprivileged user can disable protection...
IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent
---------------------------------------------------------------------- IRM Security Advisory No. 014 Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent Vulnerablity Type / Importance: Security Protection Bypass / High Problem discovered: November 23rd...
CVE-2005-1103
CVE-2005-1103 concerns the Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5–4.1. The vulnerability arises because SSA does not prevent unprivileged users from updating the security policy: an attacker can export the policy file, modify it, and re-import it, thereby changing policy sett...
CVE-2005-1103
Sygate Security Agent SSA in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA...
CVE-2005-1103
Sygate Security Agent SSA in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA...
CVE-2003-0931
Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service service hang by replaying a malformed discovery packet to UDP port 39999...
CVE-2004-0163
Sygate Secure Enterprise SSE 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service resource exhaustion by capturing a session and repeatedly replaying the session...
CVE-2004-0593
Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules...
Trojan/Backdoor - SyGate Detection
Binary data 1918.prm...
CVE-2003-0931
The CVE-2003-0931 entry concerns Sygate Enforcer 4.0 (earlier) where a remote attacker can cause a denial-of-service (service hang) by replaying a malformed discovery packet to UDP port 39999. The vulnerability is network‑facing and arises from processing malformed discovery packets, leading to p...
CVE-2003-0931
Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service service hang by replaying a malformed discovery packet to UDP port 39999...