Sophos Web Appliance Multiple Command Injection and Session Fixation Vulnerabilities

Bugtraq ID: 97261
Class: Input Validation Error
CVE: CVE-2017-6184
CVE-2017-6182
CVE-2017-6412
CVE-2017-6183
Remote: Yes
Local: No
Published: Mar 31 2017 12:00AM
Updated: Apr 04 2017 12:02AM
Credit: Russell Sanford, Kapil Khot and Russell Sanford.
Vulnerable: Sophos Web Appliance 3.8.2
Sophos Web Appliance 3.0
Sophos Web Appliance 2.1.18
Sophos Web Appliance 4.3.1
Sophos Web Appliance 4.3
Sophos Web Appliance 4.2.1.3
Sophos Web Appliance 3.8.1.1
Sophos Web Appliance 3.8.1
Sophos Web Appliance 3.8.0
Sophos Web Appliance 3.7.9.1
Sophos Web Appliance 3.7.9
Not Vulnerable: Sophos Web Appliance 4.3.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus