Full Disclosure mailing list archives
Netasq UTM suffer from bypassing metacharacters filter
From: kaveh ghaemmaghami <kavehghaemmaghami () googlemail com>
Date: Fri, 27 Jul 2012 12:28:12 -0700
Aswome coolkaveh look what I found Title:Netasq UTM suffer from bypassing metacharacters filter coolkaveh Advisory coolkaveh () rocketmail com Https://twitter.com/coolkaveh Product : Netasq utm Vendor Homepage: http://netasq.com Criticality level : High Description : A vulnerability has been discovered in Netasq UTM, which can be exploited by malicious people to bypass metacharacters filter provided by Netasq UTM. Input passed via the method POST is not properly filtering before being passes to the webserver. This can be exploited to SQL injection and etc. Credit : coolkaveh _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Netasq UTM suffer from bypassing metacharacters filter kaveh ghaemmaghami (Jul 28)