检测

Nessus 的 Firewalls 系列

ID名称严重性
134891Check Point Gaia 操作系统管理员密码截断 (sk156192)
high
134890Check Point 本地权限提升
high
134563Check Point 安全网关拒绝服务 (sk161812)
high
134228Fortinet FortiOS 5.x >= 5.4.0 / 6.x < 6.0.9 / 6.2.x < 6.2.2 URL 重定向漏洞 (FG-IR-19-179)
medium
133358Fortinet FortiOS < 6.2.3 多个漏洞 (FG-IR-19-217)
high
132317Fortinet FortiOS < 5.6.10 / 6.0 < 6.0.7 / 6.2.x < 6.2.1 加密漏洞 (FG-IR-19-007)
medium
131320Fortinet FortiOS < 6.0.7 或 6.2.2 SSL VPN Web 门户输入验证不当 (FG-IR-19-236)
medium
131283Fortinet FortiOS < 6.0.7 信息泄露 MitM (FG-IR-18-100)
medium
131185Fortinet FortiOS < 5.6.11 / 6.0.0 < 6.0.7 / 6.2.0 < 6.2.2 信息泄露 (FG-IR-19-134)
medium
130209FortiOS DRBG 熵不足 (FG-IR-19-186)
high
129782Fortinet FortiGate 5.2.0 < 5.6.11 / 6.0.x < 6.0.5 XSS (FG-IR-19-034)
medium
128552Fortinet FortiOS SSL VPN 目录遍历漏洞 (FG-IR-18-384)(直接检查)
critical
128329Symantec ProxySG 6.5 < 6.5.10.15 / 6.6 < 6.7.4.2 XSS 和信息泄露漏洞 (SA1472)
medium
128303Symantec ProxySG 6.5 / 6.6 / 6.7 < 6.7.4.141 OpenSSL 拒绝服务漏洞 (SA1462)
high
128283Check Point Gaia 操作系统使用默认密码打开接口 (sk145612)
critical
128278Fortinet FortiOS 5.6.0 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN 上多个 pre-auth XSS 漏洞 (FG-IR-18-383)
medium
128149Check Point Gaia 操作系统管理员密码截断 (sk155172)
critical
127134Fortinet FortiGate < 6.2.1 信息泄露 (FG-IR-19-037)
medium
127107SonicWall SonicOS 防火墙多个管理漏洞 (URGENT/11)
critical
125889Fortinet FortiOS < 6.0.5 SSL VPN web 门户主机标头重定向 (FG-IR-19-002)
medium
125888Fortinet FortiOS 5.4.1 < 5.4.11 / 5.6.x < 5.6.9 / 6.0.x < 6.0.5 SSL VPN 安全绕过 (FG-IR-18-389)
high
125887Fortinet FortiOS < 6.0.5 SSL VPN 堆缓冲区溢出 (FG-IR-18-388)
medium
125886Fortinet FortiOS <= 5.4, 5.6.x < 5.6.8, 6.0.x < 6.0.5 SSL VPN 缓冲区溢出 (FG-IR-18-387)
high
125885Fortinet FortiOS 5.6.3 < 5.6.8 / 6.0.x < 6.0.5 SSL VPN 目录遍历漏洞 (FG-IR-18-384)
critical
124328Fortinet FortiManager 未加密密码漏洞 (FG-IR-18-051)
high
124324Fortinet FortiGate < 6.2.0 管理权限提升 (FG-IR-17-053)
high
124280Fortinet FortiGate < 5.4.11 / 5.6.x < 5.6.8 / 6.x < 6.0.3 LDAP 认证泄露 (FG-IR-18-157)
high
122855Fortinet FortiOS 5.6.0 远程代码执行 (FG-IR-18-018)
critical
121474pfSense 不支持版本检测
critical
121356Fortinet FortiGate < 5.6.8 / 6.x < 6.0.3 LDAP 凭据泄露 (FG-IR-18-157)
medium
119887pfSense 2.3.x <= 2.3.5-p2 / 2.4.x < 2.4.4 多个漏洞 (SA-18_06 / SA-18_07 / SA-18_08)
high
119886pfSense 2.3.x < 2.3.5-p2 / 2.4.x < 2.4.3-p1 多个漏洞 (SA-18_04 / SA-18_05)
high
119751Fortinet FortiOS 5.4.x < 5.4.6 / 5.6.x < 5.6.1 XSS (CVE-2017-3131)
medium
119727Squid 3.2.0.10 <= 3.2.x / 3.3.x / 3.4.x / 3.5.x <= 3.5.28 / 4.x < 4.4 拒绝服务漏洞 (SQUID-2018:5)
medium
119726Squid 3.1.12.1 <= 3.1.x <= 3.1.23 / 3.2.0.4 <= 3.2.x / 3.3.x / 3.4.x / 3.5.x <= 3.5.28 / 4.x < 4.4 跨站脚本漏洞 (SQUID-2018:4)
medium
119725Squid 3.1.12.2 <= 3.1.x <= 3.1.23 / 3.2.0.8 <= 3.2.x <= 3.2.14 / 3.3.x / 3.4.x / 3.5.x <= 3.5.27 / 4.x < 4.0.13 拒绝服务漏洞 (SQUID-2018:3)
medium
119724Squid 3.x < 3.5.28 / 4.x < 4.0.23 多个拒绝服务漏洞 (SQUID-2018:1) (SQUID-2018:2)
high
119723Squid 3.x < 3.5.18 / 4.x < 4.0.10 多个拒绝服务漏洞 (SQUID-2016:9)
high
119722Squid 3.2.0.11 < 3.x < 3.5.18 / 4.x < 4.0.10 缓存中毒漏洞 (SQUID-2016:7)
high
119721Squid 3.1 < 3.x < 3.5.23 / 4.x < 4.0.17 本地信息泄露漏洞 (SQUID-2016:11)
high
119421Fortinet FortiGate 5.2.x >= 5.2.12 / 5.4.6 - 5.4.7 / 5.6.1 - 5.6.3 信息泄露 (FG-IR-18-325)
high
118229Juniper ScreenOS < 6.3.0r26 存储型跨站脚本漏洞 (JSA10894)
medium
117936Fortinet FortiGate 5.x < 5.6.6 / 6.x < 6.0.2 隐私 IP 和主机名称信息泄露 (FG-IR-18-085)
medium
112183Fortinet FortiManager < 6.0.2 信息泄露漏洞 (FG-IR-18-016)
medium
110812Fortinet FortiGate < 5.6.6 / 6.0.x < 6.0.1 纯文字凭证 (FG-IR-18-027)
high
110415Fortinet FortiGate <= 5.2.x / 5.4.x < 5.4.9 / 5.6.x < 5.6.3 多个漏洞 (FG-IR-17-231、FG-IR-17-245 和 FG-IR-17-172)
high
109038pfSense < 2.4.3 多个漏洞 (SA-18_01 / SA-18_02 / SA-18_03) (Meltdown) (Spectre)
critical
109037pfSense < 2.3.5 多个漏洞 (KRACK)
critical
109035Symantec ProxySG 6.5 < 6.5.10.8 / 6.6 < 6.6.5.14 / 6.7.3 < 6.7.3.7 / 6.7.4 < 6.7.4.107 多个漏洞 (SA162)
medium
108809Squid < 3.5.18 主机标头处理同源保护/内容筛选绕过 (SQUID-2016:8)
high