Plugins: Firewalls

Juniper ScreenOS 6.3 < 6.3.0r17 IPv6 Packet DoS

Juniper ScreenOS 6.3 < 6.3.0r17 DNS Lookup DoS

Blue Coat ProxySG 6.4.x OpenSSL Security Bypass

Blue Coat ProxySG 6.5.x Multiple OpenSSL Vulnerabilities

Blue Coat ProxySG 6.2.x OpenSSL Security Bypass

Blue Coat ProxySG 4.x OpenSSL Security Bypass

Unsupported ScreenOS Operating System

Juniper ScreenOS 5.4 < 5.4.0r28 / 6.2 < 6.2.0r18 / 6.3 < 6.3.0r16 Malformed ICMP Echo Request DoS (JSA10604)

Juniper ScreenOS 5.4.x < 5.4.0r12 / 6.1.x / 6.2.x < 6.2.0r2 'about.html' Information Disclosure

Juniper ScreenOS 6.3 < 6.3.0r17 DoS

Juniper ScreenOS Device Detection

ModSecurity < 2.7.6 Chunked Header Filter Bypass

McAfee Next Generation Firewall Detection

McAfee Firewall Enterprise Detection

FortiOS 5.x < 5.0.3 Security Bypass

Fortinet Device Detection

Blue Coat ProxySG Heartbeat Information Disclosure (Heartbleed)

Squid 3.1.x < 3.3.12 / 3.4.4 HTTPS Request Handling DoS

Palo Alto Networks PAN-OS Version Detection

Blue Coat ProxySG Local User Modification Race Condition

Palo Alto Networks PAN-OS Firewall/Panorama WebUI Default Credentials

Palo Alto Networks PAN-OS Firewall/Panorama WebUI Detection

Blue Coat ProxySG Remote DoS

Squid 3.2.x < 3.2.13 / 3.3.x < 3.3.8 Port Handling DoS

Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS

Blue Coat ProxySG Unspecified XSS

Blue Coat ProxySG Core File Information Disclosure

Blue Coat ProxySG SGOS Version

ModSecurity < 2.7.4 forceRequestBodyVariable Action Handling DoS

ModSecurity < 2.7.3 XML External Entity (XXE) Data Parsing Arbitrary File Disclosure

ModSecurity < 2.7.0 Multipart Request Parsing Filter Bypass

ModSecurity < 2.5.9 Multipart Request Header Name DoS

ModSecurity < 2.1.1 POST Data Null Byte Filter Bypass

ModSecurity Version

Squid 3.x < 3.2.9 / 3.3.3 strHdrAcptLangGetItem Malformed Accept-Language Denial of Service

Squid 2.x / 3.x < 3.1.23 / 3.2.6 / 3.3.0.3 cachemgr.cgi DoS

Squid 2.x / 3.x < 3.1.22 / 3.2.4 / 3.3.0.2 cachemgr.cgi DoS

Check Point SecuRemote Hostname Information Disclosure

Firewall Detection (2)

Squid Unsupported Version Detection

Unsupported IPSO Firewall

Squid 3.1.x < 3.1.16 / 3.2.x < 3.2.0.13 DNS Replies CName Record Parsing Remote DoS

Firewall Rule Enumeration

Squid 3.x < 3.0.STABLE26 / 3.1.15 / 3.2.0.11 Gopher Buffer Overflow

IP Forwarding Enabled

Squid < 3.1.8 / 3.2.0.2 NULL Pointer Dereference Denial of Service

Squid Proxy Version Detection

Squid 3.1.6 DNS Reply Denial of Service

Misconfigured SOCKS filtering

Squid < 3.0.STABLE24 / 2.7.STABLE8 / 2.6.STABLE24

Cisco ASA 5500 Series Adaptive Security Appliance NTLMv1 Authentication Bypass (cisco-sa-20100217-asa)

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa)

Squid < 3.0.STABLE19 / 3.1.0.14 / 2.6.STABLE23 strListGetItem Function Remote DoS

Squid < 3.0.STABLE23 / 3.1.0.16

Web Application Firewall Detection

Squid 3.0.STABLE16 / 3.10.11

Squid < 2.7.STABLE6 / 3.0.STABLE13 / 3.1.0.5 HTTP Version Number Request Remote DoS

SecurityGateway < 1.0.2 Administration Interface username Field Remote Overflow

Reverse NAT/Intercepting Proxy Detection

3Proxy HTTP Proxy Crafted Transparent Request Remote Overflow

Squid < 2.6.STABLE18 Cache Update Reply Unspecified DoS

DeleGate Proxy Server < 9.7.5 Multiple Vulnerabilities

Firewall Detection

Squid < 2.6.STABLE12 src/client_side.c clientProcessRequest() function TRACE Request DoS

Squid < 2.6.STABLE7 Multiple Remote DoS

Host Logical Network Segregation Weakness

Check Point FireWall-1 ICA Service Detection

DeleGate DNS Response Message DoS

ZoneAlarm VSMON.exe Local Privilege Escalation

WinProxy < 6.1a Multiple Vulnerabilities (credentialed check)

WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities

Juniper NetScreen Security Manager (NSM) guiSrv/devSrv Crafted String Remote DoS

Kerio WinRoute Firewall HTTP/HTTPS Management Detection

Squid Crafted NTLM Authentication Header DoS

Squid Set-Cookie Header Cross-session Information Disclosure

602LAN SUITE Open Telnet Proxy

DeleGate < 8.11 Multiple Unspecified Overflows

SOCKS5 Server Recursive Connection Remote DoS

SOCKS4 Server Recursive Connection Remote DoS

Blue Coat ProxySG Console Management Detection

Default Password (zebra) for Zebra

UMN Gopherd Unauthorized FTP Proxy

Squid < 2.5.STABLE8 Multiple Vulnerabilities

Squid NTLM Component fakeauth Multiple Remote DoS

Squid Malformed Host Name Error Message Information Disclosure

CCProxy Application Proxy Detection

Squid SNMP Module asn_parse_header() Function Remote DoS

ZoneAlarm Pro Configuration File/Directory Permission Weakness DoS

ZoneAlarm Personal Firewall UDP Source Port 67 Bypass

Cerbere HTTP Proxy Server Host: Header Remote DoS

NetAsq IPS-Firewalls Detection

Arkoon Appliance Detection

Squid ntlm_check_auth Function NTLM Authentication Helper Password Handling Remote Overflow

Symantec Firewall Malformed TCP Packet Options Remote DoS

Squid %xx URL Encoding ACL Bypass

Multiple BSD ipfw / ip6fw ECE Bit Filtering Evasion

Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS)

Finjan SurfinGate Proxy FHTTP Command Admin Functions Authentication Bypass

Check Point FireWall-1 Spoofed UDP Packet Remote DoS

Source Routed Packet Weakness

StoneGate Firewall Client Authentication Detection

TCP/IP SYN+FIN Packet Filtering Weakness

Check Point FireWall-1/VPN-1 Syslog Daemon Remote Overflow DoS

Firewall UDP Packet Source Port 53 Ruleset Bypass

Kerio Personal Firewall Administrator Authentication Handshake Packet Remote Buffer Overflow

Check Point FireWall-1 Open Web Administration

IBM Tivoli Firewall Toolbox (TFST) Unspecified Remote Overflow

L2TP Network Server Detection

HTTP Proxy Open gopher:// Request Relaying

NEC SOCKS4 Module Username Handling Remote Overflow

AnalogX Proxy SOCKS4a DNS Hostname Handling Remote Overflow

BenHur Firewall Source Port 20 ACL Restriction Bypass

ISS BlackICE / RealSecure Large ICMP Ping Packet Overflow DoS

Squid FTP URL Special Character Handling Remote Overflow

Squid mkdir-only PUT Request Remote DoS

Raptor Firewall 6.5 HTTP Proxy Detection

Check Point FireWall-1 HTTP Client Authentication Detection

Check Point FireWall-1 Telnet Client Authentication Detection

tinyProxy Long Connect Request Overflow

Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass

HTTP Proxy Open Relay Detection

HTTP Proxy POST Request Relaying

HTTP Proxy Arbitrary Site/Port Relaying

HTTP Proxy CONNECT Request Relaying

Novell BorderManager Port 2000 Telnet DoS

Check Point FireWall-1 UDP Port 0 DoS

DeleGate Multiple Function Remote Overflows

Check Point FireWall-1 Identification

Axent Raptor Firewall Zero Length IP Remote DoS