Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.
dc05d05741d0032ca22015833dc4041ed1ca3c2d65c591c24b1938667377ebc9
Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability.
02e19ca0a225fdcd1f0c1e586751901daa77b8a2d4f8ed03598a1e686d6ea790
Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.
0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Symantec Messaging Gateway version 9.5.3-3 suffers from an out-of-band stored cross site scripting vulnerability via email. Unfortunately, as usual, the NCC group are withholding any details for three months.
efc556b14d7eaaab1ee4e073431e2ec92e2cb39a2d25ac6dc8ece93acb4541eb
Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
25af61338564cb5ac5945690d75e3ef01177fd3439ed35b0b88b7b650a1c8240
Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthorized ssh access vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
c0fb665289612f001a3b0b55edd4149f5142e0dc932b0d8e4991ffd2e0c26fc2
Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
378f303f72289da19ddbd813812ef932bf32812e90d735f95783481de4d04b58
Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthenticated detailed version disclosure vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
bbb4709841e4fe0d02dc171408f915bd1b98a01e969446b1da6b82f3608fa832
This Metasploit module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to login to the SSH service, and gain privileged access from remote.
a43d27bd69dd1a7e1c0fff3b8a4a24b14573fc751ae1415faf70bc5354e57f89
Websense (Triton version 7.6) suffers from a stored cross site scripting vulnerability.
d95e2e527117d8f43289052a25656bb74a06860ac147a2a7878d7156ade95f33
Websense (Triton version 7.6) suffers from an unauthenticated remote command execution vulnerability as SYSTEM.
f645a7caf1ec5fabb47c1071d27be9fb15b3446fd7b8739afcce59b8eb6a2056
Websense (Triton version 7.6) suffers from an authentication bypass vulnerability in the report management UI.
6fdbe0556ac78b82f68cc8e77d4e00ba2b5d67d1b4691aa50a420a994e7628a0
Websense (Triton version 7.6) suffers from a cross site scripting vulnerability.
10ab91a8b28cfcb833d0dc22c278141f128e41c597a2bb2b7d79e811fab369ad
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a file download vulnerability.
541d487c0fd9f602725c99856fa3e3627cd412b773bb200ff86822d291aee585
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a password cracking vulnerability.
83b1fca33c08846e197daa065fc717ff51f5a94766c6b9b25ceeac7ca984be29
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a token disclosure vulnerability.
5e6128752681e8d4144799b7dd87140151481f96ddb6ba769da110dd68f46272
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from an access bypass vulnerability.
38b9c98ba1910b6ae86c52cbb72d534f1960caf1fa1e8484b1a424503d4d3a2b
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a session hijacking vulnerability.
ea917b03e7a1554b15684bdf3c879c93ffadab2739f8cdd41c0e98cfd264ec09
McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a cross site scripting vulnerability.
0c1840f7a89acaf990fbe44ab43b5a65bc48fca9f572401830ddd523cc72dcde
This Metasploit module exploits a SIP username enumeration vulnerability in Asterisk. Performs a REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. Works even when alwaysauthreject=yes. For this exploit to work, the source port cannot be 5060.
54da0d99e312b44be212dc5220e9ea0fef3a31a1f8a4b91a6f8f48f53c53ca09
Various Websense products suffer from a stored cross site scripting vulnerability.
bbf08900d088b14d88e0a2bf6321e7fe7ce0f120eeab7eab72fd4e100ce42413
Various Websense products suffer from unauthenticated remote command execution vulnerability.
e549a2fbd318fe2dbdfb412e12109360d21400f9c2d218e825b732d8f8e02e51
Various Websense products suffer from a reflective cross site scripting vulnerability.
ece90c79ca2a7739685ff63342d4b3f531e7efa8593f4912807b6aca78ab5854
Various Websense products suffer from an authentication bypass vulnerability.
2dc97d1c90a801c209072e2d488749516a0b6c66f1c93d5a035c0c47c908670f
Xlock local format string exploit for Linux/x86. Tested on Slackware 7.1 and Redhat 6.2.
4d145844ebe8a37d22c403be58bb4a6d5b30eb6341926262952994da081a236f