Several security vulnerabilities have been found in ISS's Proventia appliance, these vulnerabilities allow remote attackers to cause cross site scripting vulnerabilities in their user interface, cause the PHP scripts running on the server to include remote files as well as due to the usage of old OpenSSH (and in compatibility mode) to allow brute forcing of usernames and passwords with a timing attack.

http://www.securiteam.com/securityre...TP0C0AM1S.html