20 matches found
EUVD-2015-1589
Malware in sbrugna...
EUVD-2015-8363
Malware in sbrugna...
SA163: OpenSSH Vulnerability October 2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to a security vulnerability. A remote attacker with read-only access to an SFTP server can create a large number of zero-length files and deplete the target's hard disk space. AFFECTED PRODUCTS The...
SA159: OpenSSL Vulnerabilities 7-Dec-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to two security vulnerabilities. A remote attacker can obtain Diffie-Hellman private key information and sensitive information accidentally transmitted in plaintext over an SSL/TLS connection. AFFECTED...
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks
SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...
SA152: Privilege Escalation Vulnerability in ProxyClient
SUMMARY The ProxyClient application for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate their privileges on the system and execute arbitrary code with LocalSystem privileges...
Solution Corner: Malwarebytes Endpoint Protection
We’ve been busy here at Malwarebytes with several product announcements recently. Malwarebytes Incident Response was released in late April, providing threat detection and remediation via our new cloud-based platform. Right on its heels, leveraging the same platform is Malwarebytes Endpoint...
SA141 : OpenSSL Vulnerabilities 26-Jan-2017
SUMMARY Symantec Network Protection products using affected versions of OpenSSL are susceptible to several vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain private key information. AFFECTED PRODUCTS The following products are vulnerable:...
SA135 : OpenSSL Vulnerabilities 10-Nov-2016
SUMMARY Blue Coat products using affected versions of OpenSSL are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to cause denial of service and obtain SSL/TLS session key information. AFFECTED PRODUCTS The following products are vulnerable: Director -...
Blue Coat Unified Agent < 4.6.2 Configuration File Manipulation Detection Failure
The version of Blue Coat Unified Agent installed on the remote Windows host is prior to 4.6.2. It is, therefore, affected by a flaw due to a failure to detect when a configuration file has been changed by an administrator when running in local enforcement mode. A local attacker can exploit this t...
Blue Coat Unified Agent Installed
Binary data bluecoatunifiedagentinstalled.nbin...
Blue Coat Unified Agent < 4.1.3.151952 Certificate Validation MitM
The version of Blue Coat Unified Agent installed on the remote Windows host is prior to 4.1.3.151952. It is, therefore, affected by a man-in-the-middle MitM vulnerability due to improper validation of the Client Manager certificate. A MitM attacker can exploit this, via a specially crafted...
CVE-2015-8482
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors...
Design/Logic Flaw
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors...
CVE-2015-8482
CVE-2015-8482 affects the Blue Coat Unified Agent prior to 4.6.2. In local enforcement mode, the agent does not prevent modification of its configuration files, allowing a locally privileged administrator to unblock categories or disable the agent via unspecified vectors. The issue is mitigated b...
CVE-2015-8482
Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when running in local enforcement mode, which allows local administrators to unblock categories or disable the agent via unspecified vectors...
Blue Coat ProxyClient / Unified Agent Certificate Validation Spoofing Vulnerability
ProxyClient is Blue Coat's recently released WAN optimization software client with integrated security and control features. Blue Coat ProxyClient 3.3.3.3 and versions 3.4.4.10 prior to 3.4.x and Unified Agent prior to 4.1.3.151952 do not properly validate certain certificates, allowing a...
CVE-2015-1454
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software...
CVE-2015-1454
Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10 and Unified Agent before 4.1.3.151952 does not properly validate certain certificates, which allows man-in-the-middle attackers to spoof ProxySG Client Managers, and consequently modify configurations and execute arbitrary software...
CVE-2015-1454
CVE-2015-1454 affects Blue Coat ProxyClient before 3.3.3.3 and 3.4.x before 3.4.4.10, and Unified Agent before 4.1.3.151952. The issue is improper validation of certain certificates, enabling a man‑in‑the‑middle attacker to spoof ProxySG Client Managers and, via a crafted certificate, modify conf...