Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.
fd18c79b0364edc307ae0073788f224ea5fd016ba9223e6018267eb9911d3f41
Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.
0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4ee
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
aee38327eded88417c9e80ba663350c88067ed2c4685575b94410b847e9f8560
Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances are affected by TCP connection exhaustion, Session Initiation Protocol (SIP) Inspection, Skinny Client Control Protocol (SCCP) Inspection, and other denial of service vulnerabilities.
61078e6abcd2646842e506c59e2a188e999ff08e7355cfbcc617974b109d9c1b
Secunia Security Advisory - A vulnerability has been reported in Accellion File Transfer Appliance, which can be exploited by malicious people to conduct script insertion attacks.
117a6611bb69a41208ff7a42b9c141f3f003489f9644b4f1ae2f6331a3db3240
Secunia Security Advisory - A vulnerability has been reported in Accellion File Transfer Appliance, which can be exploited by malicious people to disclose sensitive information.
749a40fdfd338995be33c648e94bdc538d325114a9a8a480b5dad065280d8a5d
Cisco Security Advisory - Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthenticated access to any file on the device and one vulnerability that allows remote, unauthenticated users to execute arbitrary code with elevated privileges. There are workarounds available to mitigate these vulnerabilities.
f55041eba86b197e802f1e3fb48e213d4b2d5aaf87e4bb30235478c5e4e0f139
Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery that allows an external remote attacker to perform a command injection and execute arbitrary code as the webserver user. As a result, an attacker can remove the firewall and load a kernel module, allowing root access to the appliance. It can also be used as a non-persistent XSS.
503f2b9ce130e8c9fd7df36be1f7004846c5609f67a25cc3666a370cdbd97a49
Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify whether a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. For the attack to succeed, the Secure Desktop application on the Cisco appliance must be turned on.
f8c48a5475b2b0502d92201a787561418f197b00968eea66badd89e44af41aab
This tool enumerates hostnames and URLs from Google. It features antibot avoidance, search within a country, custom search appliance, output either hostnames or URLs, and custom search depth. Written in Bash for Linux.
aeaa5ee7e1288ae22a7fb24145c07239602f4b84fa6f4237e6090bab65dd8be2
This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.
26f61dc73b61764daa3a06c44ab90c018a5f7c37d9a49f838a2c3b1e07f7ce49
This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows arbitrary Java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.
bf415a1e9059ceeb4db8cc79d59e0eb830bd3d5f48ed7a59110d0560f2a5540e
This Metasploit module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable.
98f68f02962b87f0c2a1221f7accf276203796571faa6c22c97dc9329849ad36
This Metasploit module exploits the ContentKeeper Web Appliance. Versions prior to 125.10 are affected. This module exploits a combination of weaknesses to enable remote command execution as the Apache user. Following exploitation, it is possible to abuse an insecure PATH call to 'ps' etc. in setuid 'benetool' to escalate to root.
629ee439ef17eb790dc0b4ecfd87cba6375f929234dd537ad09b296c1e24dcec
Riorey DDoS mitigation appliances suffer from a very poor design vulnerability where they have a hardcoded root login and password for automation. Fail!
29c26502b9e544b424841c7d7e3ccd28614e8629e9e6f9e8c76dac87a75fd345
Secunia Security Advisory - McAfee has acknowledged some vulnerabilities in McAfee Email and Web Security Appliance, which can be exploited by malicious people to cause a DoS (Denial of Service).
d6c65a8d5aa42aa37e58a22d3ef3f1d52e72dff32f45f835c79fd1066183308a
Secunia Security Advisory - A vulnerability has been reported in McAfee Email and Web Security Appliance, which can be exploited to disclose potentially sensitive information.
384280c30f4c3758a6ed1d38505b71c2b79e06f2a1322f7e108b2641b38375b8
Secunia Security Advisory - Some vulnerabilities and a security issue have been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.
15a3b50fe3731703bcd415e0c3b07c6411728f5fe6ac2dc4cc8772b7edf92d45
Cisco ASA/PIX appliances fail to properly check fragmented TCP packets.
cf31e2d808f52215c9aa9a83ebaf0678772e6f5065c0f50988aaf86c9f3745b9
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
80d410969c691878a709a75d5ea8afc9ece8597cb3f362f5fdd4812a529beb88
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These range from multiple denial of service issues to authentication and ACL bypass vulnerabilities.
8ba8fbb9a40990200213b3b75a88bdf11eeb7d566fb1de495c5a0756ba1115fd
Secunia Security Advisory - david.vorel has reported a vulnerability in Trend Micro InterScan Web Security Suite and Trend Micro InterScan Web Security Virtual Appliance, which can be exploited by malicious people to disclose sensitive information.
1812723500b3c21417fcfae1d842739342aa0f9171fca401a25eef2313d30332
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
6bad1825bd45ef8bf1e89e87f023e29b3ea29e67cfd0f9625ddb382f30bb8dc8
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
060a4c69b772c5dbbe93812a8abd274eb7234e26034b2a9e635c88b055b0e945
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
abfe5378aa1c420b5a843819d5ee86801f09ce9f74415f92a8ad6c7fa7640eb6
Secunia Security Advisory - A vulnerability has been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to cause a DoS (Denial of Service).
b131567d596e133b91b1b1de979c62fd6315dd03f708cb833c81f8c0283020ca