Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Netasq UTM suffer from bypassing metacharacters filter

From: kaveh ghaemmaghami <kavehghaemmaghami () googlemail com>
Date: Fri, 27 Jul 2012 12:28:12 -0700
Aswome coolkaveh look what I found

Title:Netasq UTM suffer from bypassing metacharacters filter
coolkaveh Advisory
coolkaveh () rocketmail com
Https://twitter.com/coolkaveh
Product : Netasq utm
Vendor Homepage: http://netasq.com
Criticality level : High
Description : A vulnerability has been discovered in Netasq UTM, which
can be exploited by malicious people to bypass metacharacters filter
provided by Netasq UTM. Input passed via the method POST is not
properly filtering before being passes to the webserver. This can be
exploited to SQL injection and etc.
Credit : coolkaveh

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: