Lucene search
+L

90 matches found

Exploit DB
Exploit DB
added 2006/04/15 12:0 a.m.57 views

Symantec Sygate Management Server - 'LOGIN' SQL Injection (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/03 12:0 a.m.41 views

[SA18689] Symantec Sygate Management Server SQL Injection

TITLE: Symantec Sygate Management Server SQL Injection SECUNIA ADVISORY ID: SA18689 VERIFY ADVISORY: http://secunia.com/advisories/18689/ CRITICAL: Moderately critical IMPACT: Security Bypass, Manipulation of data WHERE: From local network SOFTWARE: Sygate Secure Enterprise 3.x...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2006/02/03 12:0 a.m.43 views

Symantec Sygate Secure SQL injection

SQL injection in administration console...

2AI score
Exploits0References1Affected Software1
Prion
Prion
added 2006/02/02 11:2 a.m.21 views

Sql injection

SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server SMS version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL...

7.5CVSS9.2AI score0.0276EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2006/02/02 11:0 a.m.29 views

CVE-2006-0522

SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server SMS version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL...

8.5AI score0.0276EPSS
Exploits0References7
Symantec
Symantec
added 2006/02/01 8:0 a.m.34 views

Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection

SUMMARY A SQL injection vulnerability in Symantec's Sygate Management Server SMS version 4.1, build 1417 and earlier could potentially allow a remote or local attacker to gain administrative privileges to the SMS server. Risk Impact High Remote Access | Yes ---|--- Local Access | Yes Authenticati...

7.5CVSS7.2AI score0.0276EPSS
Exploits0Affected Software1
NVD
NVD
added 2005/12/28 1:3 a.m.19 views

CVE-2005-4525

SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI SmcGui.exe and then killing the process, which causes the privileged management GUI to launch...

4.6CVSS6.1AI score0.00437EPSS
Exploits1References4
CVE
CVE
added 2005/12/28 1:0 a.m.51 views

CVE-2005-4525

CVE-2005-4525 affects the Sygate Protection Agent 5.0, build 6144, via the SmcGui.exe component. The described flaw is that a local user can trigger the privileged management GUI by launching SmcGui.exe and then terminating the process, which causes the high-privilege management interface to appe...

4.6CVSS6.5AI score0.00437EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/12/28 1:0 a.m.25 views

CVE-2005-4525

SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI SmcGui.exe and then killing the process, which causes the privileged management GUI to launch...

6.1AI score0.00437EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/12/21 12:0 a.m.31 views

Sygate Protection Agent protection bypass

Unprivileged user can disable protection...

3.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/12/21 12:0 a.m.36 views

IRM 014: Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent

---------------------------------------------------------------------- IRM Security Advisory No. 014 Sygate Protection Agent 5.0 vulnerability - A low privileged user can disable the security agent Vulnerablity Type / Importance: Security Protection Bypass / High Problem discovered: November 23rd...

6.8AI score
Exploits0
CVE
CVE
added 2005/04/13 4:0 a.m.49 views

CVE-2005-1103

CVE-2005-1103 concerns the Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5–4.1. The vulnerability arises because SSA does not prevent unprivileged users from updating the security policy: an attacker can export the policy file, modify it, and re-import it, thereby changing policy sett...

4.6CVSS6.7AI score0.00314EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2005/04/13 4:0 a.m.19 views

CVE-2005-1103

Sygate Security Agent SSA in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA...

6.3AI score0.00314EPSS
Exploits0References1
NVD
NVD
added 2005/04/12 4:0 a.m.15 views

CVE-2005-1103

Sygate Security Agent SSA in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA...

4.6CVSS6.3AI score0.00314EPSS
Exploits0References1
NVD
NVD
added 2004/09/28 4:0 a.m.19 views

CVE-2003-0931

Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service service hang by replaying a malformed discovery packet to UDP port 39999...

5CVSS6.7AI score0.01574EPSS
Exploits0References3
NVD
NVD
added 2004/09/28 4:0 a.m.18 views

CVE-2004-0163

Sygate Secure Enterprise SSE 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service resource exhaustion by capturing a session and repeatedly replaying the session...

5CVSS6.6AI score0.01616EPSS
Exploits0References3
NVD
NVD
added 2004/09/28 4:0 a.m.20 views

CVE-2004-0593

Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules...

7.5CVSS6.7AI score0.01635EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.12 views

Trojan/Backdoor - SyGate Detection

Binary data 1918.prm...

7.5CVSS7.3AI score0.02515EPSS
Exploits0References1
CVE
CVE
added 2004/08/18 4:0 a.m.46 views

CVE-2003-0931

The CVE-2003-0931 entry concerns Sygate Enforcer 4.0 (earlier) where a remote attacker can cause a denial-of-service (service hang) by replaying a malformed discovery packet to UDP port 39999. The vulnerability is network‑facing and arises from processing malformed discovery packets, leading to p...

5CVSS7AI score0.01574EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2004/08/18 4:0 a.m.20 views

CVE-2003-0931

Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service service hang by replaying a malformed discovery packet to UDP port 39999...

6.7AI score0.01574EPSS
Exploits0References3
Rows per page
Query Builder