Page 3 of 13 results (0.007 seconds)

CVSS: 7.5EPSS: 12%CPEs: 9EXPL: 0

Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. • http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html http://www.auscert.org.au/render.html?it=4339 http://www.ciac.org/ciac/bulletins/o-206.shtml http://www.securityfocus.com/bid/11039 http://xforce.iss.net/xforce/alerts/id/181 https://exchange.xforce.ibmcloud.com/vulnerabilities/15669 •

CVSS: 5.0EPSS: 23%CPEs: 11EXPL: 3

The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. • https://www.exploit-db.com/exploits/24218 http://lists.virus.org/bugtraq-0406/msg00234.html http://secunia.com/advisories/11888 http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html http://www.securityfocus.com/bid/10557 •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el Servicio de Administración de Symantec Gateway Security 2.0 permite a atacantes remotos robar cookies y secuestrar una sesión de administración mediante una URL /smgi que contiene un script malicioso, que no es puesto entre comillas en la página de error resultante. • https://www.exploit-db.com/exploits/23764 http://marc.info/?l=bugtraq&m=107790684732458&w=2 http://www.securityfocus.com/bid/9755 https://exchange.xforce.ibmcloud.com/vulnerabilities/15330 •