sonicwall software vulnerabilities
vulnerabilities.aspcode.net
Searching sonicwall software vulnerabilities
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0
firewalls
|
SonicWALL
|
Tele2
|
SOHO
|
SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.
SonicWALL SOHO uses easily predictable TCP sequ
predictable
|
attackers
|
SonicWALL
|
sequence
|
sessions
|
numbers
|
allows
|
remote
|
hijack
|
easily
|
spoof
|
which
|
SOHO
|
uses
|
TCP
|
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
SonicWall Content Filtering allows local users
prohibited
|
SonicWall
|
Filtering
|
requests
|
Content
|
instead
|
address
|
domain
|
site's
|
allows
|
access
|
users
|
sites
|
local
|
name
|
web
|
via
|
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name.
SonicWALL firmware before 6.4.0.1 allows remote
SonicWALL
|
firmware
|
before
|
SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.
Software vulnerabilities results 1 to 6 of 6
Page:
1