Okta Access Gateway version 2020.5.5 suffers from multiple authenticated remote root command injection vulnerabilities.
fde1ff592fc34fc94cc529909b2816a1c21c20b0fb847dc8e826cd07707aeffa
IBM WebSphere MQ File Transfer Edition Web Gateway suffers from a cross site request forgery vulnerability.
06b2bda21b62241e495908f7f89cca912345a066fc02b98fb7be62e23b3b7da5
Secunia Security Advisory - Multiple vulnerabilities have been reported in Citrix Access Gateway, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and conduct spoofing attacks.
518fd01196641e9b64d8d87ee29b8736e5906153637e24b20906dadba00b056b
Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via an overly long "CSEC" HTTP response header. Successful exploitation allows execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.
88190841a21f5703514230e00d059f52693aa6867752ab05cf5658926bb7ec55
Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Content-Length" HTTP response header. Successful exploitation may allow execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.
e3fca65bdb01a3b7b24ef54cae23d5e08cd0034667d410d5364cab845d4fe8a7
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system.
07d58c8854e7f3255cc40544ea9e0bbfc67f592ba11f516d1ed5f2d4697aa452
Symantec Web Gateway version 5.0.3.18 suffers from a remote blind SQL injection vulnerability in deptUploads_data.php.
3979d02fd58b3d8d425160bc812c8985dd4e717d3e8b65cbe4b4ce9d8c41fd1b
This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service. While handling the filename parameter, the Spywall API does not do any filtering before passing it to an exec() call in proxy_file(), thus resulting in remote code execution under the context of the web server. Please note authentication is NOT needed to gain access.
0cd8a8da3d231693715d4e8b287a75415523666ac53647e469041b791662ac0b
Symantec Web Gateway version 5.0.3.18 local file inclusion remote root command execution exploit.
88327d0f7cbaac39c6aad31a8ef7f4b43b8d525c4c4b964adfb91854c7a37766
Symantec Web Gateway version 5.0.2 suffers from a remote blind SQL injection vulnerability.
6aec98e00f8daa7f3e784b9b085136fd783f41fed252a1521762a3217af9e407
Symantec Web Gateway version 5.0.3.18 suffers from a remote blind SQL injection backdoor via MySQL triggers.
33d2c7451eea8c45146663fa6330e2747966d6816d1ce83431c543d2238e56fd
Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Web Gateway, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, conduct SQL injection attacks, and compromise a vulnerable system.
ad4b2b38a203476edf447fb598dcc1d49742f68cb3cf9b9e7545b8b10b779d76
TP Link Gateway version 3.12.4 suffers from cross site scripting vulnerabilities.
8d010600a209f81ff165a65eb5eab362645aef8c6dee7839866b6c791ee2109e
Symantec Web Gateway version 5.0.2.8 suffers from local file inclusion, remote command execution, and arbitrary file deletion vulnerabilities.
a0fccf32d3c50c44bbaec6e8b29d6a94e5b750a7a3630cb98f887b64cf02a1a9
Astaro Security Gateway suffers from a backup related cross site scripting vulnerability. Version 8.304 is affected.
30eadf9f0efee1d3942c913ec214043f8d8064e76bff3708ef9b6013b88ed5e6
This Metasploit module exploits a file upload vulnerability found in Symantec Web Gateway's HTTP service. Due to the incorrect use of file extensions in the upload_file() function, this allows us to abuse the spywall/blocked_file.php file in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution.
cf93b4b95c23f5407ba012edff8b93021d9cf2a529de505d5f968bbc6cf64f26
This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. This Metasploit module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication.
b0b67649c40ca029b22826b4a8885851ba50ca7ed212e036f2e5e4e0db93816f
Zero Day Initiative Advisory 12-091 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while preserving the file extension. This allows users to upload additional script files that can be used to execute remote code from user supplied commands under the context of the webserver.
e6455c20b1364db65ee13fb4709268297326339c75eaaeafc7611ed4f8084cdd
Zero Day Initiative Advisory 12-090 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec() in multiple script pages. The affected scripts are located in '/spywall/ipchange.php' and 'network.php'. There is also a flaw in '/spywall/download_file.php' that allows unauthenticated users to download and delete any file on the server.
27dcc990753c286009309447bb9c72ba6733589421579106d30bc8c69f3a95ef
This Metasploit module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minutes to retrieve access_log, which is about the amount of time required to see a shell back.
65a7306dea41b299aa10904fe0da0ef4f8feaaf8b06f2b42c12431d74226ce63
Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
1f988ae10011c9e9527aa54aee6542a4e4f221f26948b02c388b89c3b9e6db66
Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Web Gateway, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, manipulate certain data, and compromise a vulnerable system.
5f47e0534616828361e6ecfbca9a7f93b5ec31218988867a9945b874c2d0ead2
Secunia Security Advisory - A vulnerability has been discovered in Symantec Web Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks.
6552805b175da258feff2164c2dc08bf2138f9bb86901753d358a5788c75b1ab
Symantec Web Gateway suffers from a cross site scripting vulnerability.
4a4b3d7ca93ab14cafeac515271b34feae8de6d556145357262cda8aa7e4bce1
McAfee Web Gateway and Squid Proxy version 3.1.19 suffer from a bypass vulnerability due to putting trust in Host headers. Proof of concept tool included. Squid is only vulnerable to the attacks if the filtered site is using SSL.
fd5a23a84846044a1ea5a10e1231aba1d4783081f27119ecd5de07b7485b6ad5
Many people use telecommunications-provided SMTP to SMS/MMS gateways to send out sensitive data. This paper looks into the encryption (or lack thereof) offered by these types of public access SMTP to SMS/MMS gateways and services.
4a7ee04849235d3e90c1270eb15f6e24884ab471f7c7606cf34bb4f9587f746b