While no programmer is perfect, there is a healthy bit of irony when software designed to secure or protect is found to have its own vulnerability. This page isn't here to make fun of the programmers of these software applications, but more to remind people that these same companies are often the ones trashing other programmers and claiming their solutions/software as silver bullets to protect against other vulnerable vendors.
Many people don't realize that every piece of software you add to your computer, regardless of its purpose, may expose you to additional risk. While the personal firewall software stops casual scans and gives you a sense of security, it can also end up providing an easier method for an attacker to wield full control of your machine. Piling on extra security software isn't always the best solution.
For security companies, looking past these vulnerabilities, the thing to consider is how security companies respond to such issues. Do they admit the mistakes and provide quick remediation? Do they learn from their mistakes and improve their internal security testing?
This page will not be updated very frequently. It's purpose is just to give you a rough idea on how widespread the problem is. We are not attempting to pick on any one vendor or criticize their efforts (on this page at least).
|Barracuda Networks Inc.||Vulnerabilities||"Barracuda Networks Inc. built its reputation as the worldwide leader in content security appliances by offering easy to use and affordable products that protect organizations from email, Web and IM threats."|
|BitDefender||Vulnerabilities||"Antivirus BitDefender. Complete Solutions to protect your business and secure your computer from the latest viruses.Offers a variety of antivirus products, including specialized handheld device, peer-to-peer, and email scanners."|
|Computer Associates (CA)||Vulnerabilities||"CA provides solutions to meet your Identity and Access Management, Security Information Management and Data Loss Prevention needs."|
|Check Point||Check Point Vulnerabilities
|"Check Point Software Technologies Ltd. worldwide leader in securing the Internet, is the only vendor to deliver Total Security for networks, data and endpoints, unified under a single management framework."|
|Cisco||Vulnerabilities||"Cisco's expertise in securing enterprise architectures helps you combine collaboration with protection. Take full advantage of Cisco's pervasive security solutions to protect people, information, applications, and the network."|
|DansGuardian||Vulnerabilities||"DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris."|
|Ingate Systems||Vulnerabilities||"Ingate Systems develops technology and products - firewalls and SIParators - that enable global VoIP for the enterprise while maintaining control and security at the network edge."|
|Internet Security Systems (ISS) [IBM]||Vulnerabilities||"IBM Internet Security Systems offers end-to-end risk management solutions to protect against threats while reducing the costs and complexity of security."|
|Juniper||Vulnerabilities||Juniper Networks security solutions provide granular access control that identifies, mitigates, and reports on today's most sophisticated threats.|
|Kaspersky Lab||Kaspersky||"Kaspersky Lab offers a number of award-winning computer security solutions for the home computer, including antivirus and mobile security software."|
|"We're driven to provide the broadest range of solutions, making it easy for our customers to secure their PCs, networks, mobile phones, and websites from emerging and known threats."|
|Panda Security||Vulnerabilities||"Panda Security is one of the world's leading creators and developers of technologies, products and services for keeping clients' IT resources free from viruses and other computer threats at the lowest possible Total Cost of Ownership."|
|PGP Corporation||Vulnerabilities||"PGP Corporation, a global enterprise security company, is the leader in file encryption software, hard drive encryption, secure FTP server applications and related security solutions."|
|RSA Security [EMC]||Vulnerabilities||"RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration."|
Recourse Technologies Vulnerabilities
|"Symantec helps consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored."|
|Sophos||Vulnerabilities||"Trusted by 100 million users and endorsed by industry analysts as a leader, Sophos provides a full range of endpoint, encryption, email, web and NAC solutions that are simple to deploy, manage and use."|
|SSH Communications Security||Vulnerabilities||"Founded in 1995, SSH Communications Security is a world-leading provider of managed file transfer and data-in-transit security solutions and services."|
|SonicWALL||Vulnerabilities||"SonicWALL offers comprehensive security solutions to a wide range of customers ranging from small businesses to large enterprises."|
|Tenable Network Security||Vulnerabilties||"Tenable Network Security provides a suite of solutions that unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management."|
|Trend Micro||Vulnerabilities||"Trend Micro is a global leader with over two decades of expertise in endpoint, messaging and Web security."|
|WatchGuard||Vulnerabilities||"WatchGuard gives you powerful firewall and VPN appliances for small and medium-size enterprises."|
Copyright 2009-2012 by Attrition.org. Permission is granted to quote, reprint or redistribute provided the text is not altered, and appropriate credit is given. OSVDB.org is a project of the Open Security Foundation, a project to track computer based vulnerabilities.