CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 1CVE-2012-3238
https://notcve.org/view.php?id=CVE-2012-3238
09 Jul 2012 — Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field. vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Backup/Restore en WebAdmin en Astaro Security Gateway anteriores a v8.305, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del campo "Comment (opcional)". • http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4242
https://notcve.org/view.php?id=CVE-2007-4242
08 Aug 2007 — The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment. El Proxy pop3 en el Astaro Security Gateway (ASG) 7 no realiza escaneo de virus en los ficheros adjuntos que excedan el tamaño máximo de los adjunto y deja pasar dichos adjuntos, lo que permite a atacantes remotos evitar el escaneo mediante la inclusión de adjuntos ... • http://securityreason.com/securityalert/2981 •
CVSS: 7.8EPSS: 5%CPEs: 7EXPL: 0CVE-2007-4243
https://notcve.org/view.php?id=CVE-2007-4243
08 Aug 2007 — Unspecified vulnerability in pfilter-reporter.pl in Astaro Security Gateway (ASG) 7 allows remote attackers to cause a denial of service (CPU consumption) via certain network traffic, as demonstrated by P2P and iTunes applications that download large amounts of data. Vulnerabilidad no especificada en pfilter-reporter.pl de Astaro Security Gateway (ASG) 7 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante cierto tráfico de red, como ha sido demostrado por aplicaciones P... • http://astaro.org/showthread.php?p=77667 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-3253
https://notcve.org/view.php?id=CVE-2007-3253
18 Jun 2007 — Multiple unspecified vulnerabilities in Astaro Security Gateway (ASG) before 7.005 allow remote attackers to cause a denial of service via (1) certain email, which stops the SMTP Proxy during scanning; (2) certain HTTP traffic, which stops or slows down the HTTP proxy during HTTP responses containing virus scanned web pages; and (3) a disconnection during a streaming session. Múltiples vulnerabilidades no especificadas en Astaro Security Gateway (ASG) anterior a 7.005 permite a atacantes remotos provocar de... • http://osvdb.org/37345 •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2005-3985
https://notcve.org/view.php?id=CVE-2005-3985
04 Dec 2005 — The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://secunia.com/advisories/17838 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3100
https://notcve.org/view.php?id=CVE-2005-3100
28 Sep 2005 — Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service. • http://secunia.com/advisories/16967 •
CVSS: 9.1EPSS: 4%CPEs: 1EXPL: 1CVE-2005-2729 – Astaro Security Linux 6.0 01 - HTTP CONNECT Unauthorized Access
https://notcve.org/view.php?id=CVE-2005-2729
29 Aug 2005 — The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services. • https://www.exploit-db.com/exploits/26198 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2730
https://notcve.org/view.php?id=CVE-2005-2730
29 Aug 2005 — The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message. • http://marc.info/?l=bugtraq&m=112501186602731&w=2 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2731
https://notcve.org/view.php?id=CVE-2005-2731
29 Aug 2005 — Directory traversal vulnerability in Astaro Security Linux 6.0, when using Webmin, allows remote authenticated webmin users to read arbitrary files via a .. (dot dot) in the wfe_download parameter to index.fpl. • http://marc.info/?l=bugtraq&m=112501186602731&w=2 •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2004-2251
https://notcve.org/view.php?id=CVE-2004-2251
31 Dec 2004 — The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks. • http://secunia.com/advisories/13089 •