Search criteria
36 vulnerabilities found for contivity by nortel
VAR-200501-0251
Vulnerability from variot - Updated: 2023-12-18 14:07Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. It is reported that Nortel Contivity VPN client is susceptible to a username enumeration vulnerability. Attackers may exploit this vulnerability to discern valid usernames. This may aid them in brute force password cracking, or other attacks. Versions prior to 5.01_030 are reported susceptible to this issue. Nortel Networks Contivity VPN Client is the client software for Nortel VPN devices. Name: User Account Enumeration in Nortel Contivity VPN Vendor: Nortel Networks Products Affected: Nortel Networks Contivity VPN Client Type: Remote User Account Enumeration Severity: Medium
I. This bug was discovered as part of a penetration test we carried out on the VPN server of a client.
II. Description 1.
III. Impact The different error messages could enable a malicious person to guess valid user names on the Contivity VPN/Firewall, and then launch password-guessing attacks against these accounts.
IV. Solution This issue is resolved in Contivity VPN Client for Windows V5.01_030
Refer to the CERT VU Note at http://www.kb.cert.org/vuls/id/830214 and our full advisory at http://www.nii.co.in/vuln/contivity.html for information about vendor response, applying the patches, and other technical details.
V. About Network Intelligence India We're a leading provider of information security services and products. Our AuditPro suite of security assessment software provides comprehensive, policy-based security audits for Windows 2000, 2003, XP, Redhat Linux, Sun Solaris, Oracle and MS SQL Servers. For more information, visit us at http://www.nii.co.in
* Happy Diwali AND Eid Mubarak! *
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4.91"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": "networks contivity vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4.91"
},
{
"model": "networks contivity vpn client 1 030",
"scope": "ne",
"trust": 0.3,
"vendor": "nortel",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "K. K. Mookhey of Network Intelligence India reported this vulnerability.",
"sources": [
{
"db": "BID",
"id": "11623"
}
],
"trust": 0.3
},
"cve": "CVE-2004-1105",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9535",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1105",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#830214",
"trust": 0.8,
"value": "0.65"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-213",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9535",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. It is reported that Nortel Contivity VPN client is susceptible to a username enumeration vulnerability. \nAttackers may exploit this vulnerability to discern valid usernames. This may aid them in brute force password cracking, or other attacks. \nVersions prior to 5.01_030 are reported susceptible to this issue. Nortel Networks Contivity VPN Client is the client software for Nortel VPN devices. Name: User Account Enumeration in Nortel Contivity VPN\nVendor: Nortel Networks\nProducts Affected: Nortel Networks Contivity VPN Client\nType: Remote User Account Enumeration\nSeverity: Medium\n\nI. This bug was discovered as \npart of a penetration test we carried out on the VPN server of a client. \n\nII. Description\n1. \n\nIII. Impact\nThe different error messages could enable a malicious person to guess\nvalid user names on the Contivity VPN/Firewall, and then launch\npassword-guessing attacks against these accounts. \n\nIV. Solution\nThis issue is resolved in Contivity VPN Client for Windows V5.01_030\n\nRefer to the CERT VU Note at\nhttp://www.kb.cert.org/vuls/id/830214 and our full advisory at \nhttp://www.nii.co.in/vuln/contivity.html\nfor information about vendor response, applying the patches, and other\ntechnical details. \n\nV. About Network Intelligence India\nWe\u0027re a leading provider of information security services and products. \nOur AuditPro suite of security assessment software provides\ncomprehensive, policy-based security audits for Windows 2000, 2003, XP,\nRedhat Linux, Sun Solaris, Oracle and MS SQL Servers. For more\ninformation, visit us at http://www.nii.co.in\n\n**** Happy Diwali AND Eid Mubarak! ****\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "PACKETSTORM",
"id": "35003"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#830214",
"trust": 2.9
},
{
"db": "BID",
"id": "11623",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1105",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213",
"trust": 0.7
},
{
"db": "XF",
"id": "17988",
"trust": 0.6
},
{
"db": "VULNERABILITY NOTE",
"id": "VU#830214",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20041110 NORTEL NETWORKS CONTIVITY VPN CLIENT INFORMATION LEAKAGE VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "35003",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"id": "VAR-200501-0251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9535"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:07:00.874000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/crdy-626n7f"
},
{
"trust": 1.8,
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11623"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17988"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/multi_os/"
},
{
"trust": 0.1,
"url": "http://www.nii.co.in"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#830214"
},
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9535"
},
{
"date": "2004-11-08T00:00:00",
"db": "BID",
"id": "11623"
},
{
"date": "2004-11-12T03:43:05",
"db": "PACKETSTORM",
"id": "35003"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"date": "2005-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#830214"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9535"
},
{
"date": "2004-11-08T00:00:00",
"db": "BID",
"id": "11623"
},
{
"date": "2017-07-11T01:30:44.747000",
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Networks Contivity VPN Client information leakage vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
],
"trust": 0.6
}
}
VAR-200505-0128
Vulnerability from variot - Updated: 2023-12-18 14:02Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. Multiple Nortel Networks products are prone to a remote denial of service vulnerability. The issue manifests when the affected appliance processes an IKE main packet (ISAKMP) header of a certain type. When the packet is processed, the vulnerability is triggered and the device crashes, effectively denying service for legitimate users. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. A denial of service vulnerability exists in the Nortel VPN router product (formerly known as Nortel Contivity) when performing VPN security tests on users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4600_secure_ip_services_gateway"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4500_secure_ip_services_gateway"
},
{
"model": "vpn router 1050",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1500_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1600_secure_ip_services_gateway"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2500_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2600_secure_ip_services_gateway"
},
{
"model": "vpn router 1010",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1000_vpn_switch"
},
{
"model": "vpn router 1100",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1700",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1740",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 2700",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 600",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "4000_vpn_switch"
},
{
"model": "vpn router 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1100",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1050",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1740",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 2700",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 5000",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 600",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1700",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1010",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1740"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1050"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1010"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4600"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4000"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2600"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2000"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1600"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
}
],
"sources": [
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4500_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1500_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2500_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roy Hills\u203b Roy.Hills@nta-monitor.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-13011",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-1802",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-1218",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-13011",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. Multiple Nortel Networks products are prone to a remote denial of service vulnerability. \nThe issue manifests when the affected appliance processes an IKE main packet (ISAKMP) header of a certain type. \nWhen the packet is processed, the vulnerability is triggered and the device crashes, effectively denying service for legitimate users. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. A denial of service vulnerability exists in the Nortel VPN router product (formerly known as Nortel Contivity) when performing VPN security tests on users",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "VULHUB",
"id": "VHN-13011"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13792",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2005-1802",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1014068",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20050531 NORTEL VPN ROUTER MALFORMED PACKET DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-13011",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"id": "VAR-200505-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:50.081000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/13792"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/399423"
},
{
"trust": 1.7,
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014068"
},
{
"trust": 0.3,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=29\u0026subcategory=1\u0026documentoid=328562"
},
{
"trust": 0.3,
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/index.htm"
},
{
"trust": 0.3,
"url": "/archive/1/401129"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-13011"
},
{
"date": "2005-05-27T00:00:00",
"db": "BID",
"id": "13792"
},
{
"date": "2005-05-27T04:00:00",
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"date": "2005-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-13011"
},
{
"date": "2009-07-12T14:56:00",
"db": "BID",
"id": "13792"
},
{
"date": "2008-09-05T20:50:08.417000",
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router malformed packet denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
}
}
VAR-200505-0417
Vulnerability from variot - Updated: 2023-12-18 14:02Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information. Credentials that are harvested through the exploitation of this weakness may then be used to aid in further attacks. This weakness is reported to affect Nortel Contivity VPN Client version 5.01 for Microsoft Windows, versions for the Linux platform are not reported to be vulnerable. Other versions might also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0417",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "5.01"
},
{
"model": "networks contivity vpn client 1 030",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5.0"
}
],
"sources": [
{
"db": "BID",
"id": "12871"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0844"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roy Hills\u203b Roy.Hills@nta-monitor.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0844",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-12053",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0844",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-742",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-12053",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12053"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information. \nCredentials that are harvested through the exploitation of this weakness may then be used to aid in further attacks. \nThis weakness is reported to affect Nortel Contivity VPN Client version 5.01 for Microsoft Windows, versions for the Linux platform are not reported to be vulnerable. Other versions might also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "BID",
"id": "12871"
},
{
"db": "VULHUB",
"id": "VHN-12053"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-0844",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1013512",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742",
"trust": 0.7
},
{
"db": "XF",
"id": "19791",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20050322 NORTEL VPN CLIENT ISSUE: CLEAR-TEXT PASSWORD STORED IN MEMORY",
"trust": 0.6
},
{
"db": "BID",
"id": "12871",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-12053",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12053"
},
{
"db": "BID",
"id": "12871"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"id": "VAR-200505-0417",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-12053"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:49.966000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12053"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013512"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/19791"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/multi_os/"
},
{
"trust": 0.3,
"url": "/archive/1/393943"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=111151589203707\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-12053"
},
{
"db": "BID",
"id": "12871"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-12053"
},
{
"db": "BID",
"id": "12871"
},
{
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-02T00:00:00",
"db": "VULHUB",
"id": "VHN-12053"
},
{
"date": "2005-03-22T00:00:00",
"db": "BID",
"id": "12871"
},
{
"date": "2005-05-02T04:00:00",
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"date": "2005-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-12053"
},
{
"date": "2009-07-12T10:56:00",
"db": "BID",
"id": "12871"
},
{
"date": "2017-07-11T01:32:26.063000",
"db": "NVD",
"id": "CVE-2005-0844"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "12871"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Client Password leak vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-742"
}
],
"trust": 0.6
}
}
VAR-200508-0106
Vulnerability from variot - Updated: 2023-12-18 13:40Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box. Contivity is prone to a local security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0106",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "v05_01.030"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.3,
"vendor": "apache2triad",
"version": "v0501.030"
}
],
"sources": [
{
"db": "BID",
"id": "89398"
},
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:v05_01.030:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2579"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "89398"
}
],
"trust": 0.3
},
"cve": "CVE-2005-2579",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-13788",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-2579",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-142",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-13788",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13788"
},
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box. Contivity is prone to a local security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "BID",
"id": "89398"
},
{
"db": "VULHUB",
"id": "VHN-13788"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-2579",
"trust": 2.0
},
{
"db": "BUGTRAQ",
"id": "20050810 PRIVILEGE ESCALATION IN NORTEL CONTIVITY VPN CLIENT V05_01.030",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142",
"trust": 0.6
},
{
"db": "BID",
"id": "89398",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-13788",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13788"
},
{
"db": "BID",
"id": "89398"
},
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"id": "VAR-200508-0106",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13788"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:54.847000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2579"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
},
{
"trust": 0.9,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=112370730131219\u0026w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=112370730131219\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13788"
},
{
"db": "BID",
"id": "89398"
},
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13788"
},
{
"db": "BID",
"id": "89398"
},
{
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-16T00:00:00",
"db": "VULHUB",
"id": "VHN-13788"
},
{
"date": "2005-08-16T00:00:00",
"db": "BID",
"id": "89398"
},
{
"date": "2005-08-16T04:00:00",
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"date": "2005-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-13788"
},
{
"date": "2005-08-16T00:00:00",
"db": "BID",
"id": "89398"
},
{
"date": "2016-10-18T03:28:45.097000",
"db": "NVD",
"id": "CVE-2005-2579"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "89398"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity VPN Client Privilege escalation vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-142"
}
],
"trust": 0.6
}
}
VAR-200412-0753
Vulnerability from variot - Updated: 2023-12-18 13:16Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack. Nortel Contivity VPN Client is reported prone to a certificate check failure. The vulnerability is present because the VPN connection is established before the user permits the connection. This may allow the attacker to launch further attacks against the vulnerable computer. Nortel Contivity VPN Client is a VPN client. Remote attackers can exploit this vulnerability to further attack the target system. No detailed vulnerability details are currently available.
Successful exploitation requires that an attacker is able to conduct a man-in-the-middle attack, thereby making the client connect to a malicious gateway.
The vulnerability has been reported in version 4.91. Other versions may also be vulnerable.
SOLUTION: Reportedly, this will be fixed in version 5.1 (expected to be released in the beginning of 2005).
The vendor has not replied to any requests for comments on this issue.
PROVIDED AND/OR DISCOVERED BY: Roger Sylvain from Solucom
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0753",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4.91"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "5.01"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "2.1.7"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "3.00"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "3.01"
},
{
"model": "networks contivity vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4.91"
}
],
"sources": [
{
"db": "BID",
"id": "11495"
},
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:3.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:3.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2621"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sylvain Roger\u203b sylvain.roger@solucom.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
],
"trust": 0.6
},
"cve": "CVE-2004-2621",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-11049",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-2621",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-252",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-11049",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11049"
},
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack. Nortel Contivity VPN Client is reported prone to a certificate check failure. The vulnerability is present because the VPN connection is established before the user permits the connection. \nThis may allow the attacker to launch further attacks against the vulnerable computer. Nortel Contivity VPN Client is a VPN client. Remote attackers can exploit this vulnerability to further attack the target system. No detailed vulnerability details are currently available. \n\nSuccessful exploitation requires that an attacker is able to conduct\na man-in-the-middle attack, thereby making the client connect to a\nmalicious gateway. \n\nThe vulnerability has been reported in version 4.91. Other versions\nmay also be vulnerable. \n\nSOLUTION:\nReportedly, this will be fixed in version 5.1 (expected to be\nreleased in the beginning of 2005). \n\nThe vendor has not replied to any requests for comments on this\nissue. \n\nPROVIDED AND/OR DISCOVERED BY:\nRoger Sylvain from Solucom\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "BID",
"id": "11495"
},
{
"db": "VULHUB",
"id": "VHN-11049"
},
{
"db": "PACKETSTORM",
"id": "34797"
}
],
"trust": 1.35
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11495",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "12881",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "11002",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1011846",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-2621",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252",
"trust": 0.7
},
{
"db": "XF",
"id": "17812",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "7051",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-11049",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "34797",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11049"
},
{
"db": "BID",
"id": "11495"
},
{
"db": "PACKETSTORM",
"id": "34797"
},
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"id": "VAR-200412-0753",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11049"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:16:09.135000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2621"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026documentoid=276620\u0026renditionid=rend159588"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11495"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/11002"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1011846"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/12881"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17812"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/7051"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/multi_os/"
},
{
"trust": 0.1,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026amp;category=8\u0026amp;subcategory=6\u0026amp;subtype=\u0026amp;documentoid=276620\u0026amp;renditionid=rend159588"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/12881/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2428/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11049"
},
{
"db": "BID",
"id": "11495"
},
{
"db": "PACKETSTORM",
"id": "34797"
},
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-11049"
},
{
"db": "BID",
"id": "11495"
},
{
"db": "PACKETSTORM",
"id": "34797"
},
{
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-11049"
},
{
"date": "2004-10-21T00:00:00",
"db": "BID",
"id": "11495"
},
{
"date": "2004-10-27T02:42:07",
"db": "PACKETSTORM",
"id": "34797"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"date": "2004-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-11049"
},
{
"date": "2004-10-21T00:00:00",
"db": "BID",
"id": "11495"
},
{
"date": "2017-07-20T01:29:02.440000",
"db": "NVD",
"id": "CVE-2004-2621"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity VPN Client Gateway Certificate Check Failure Vulnerability",
"sources": [
{
"db": "BID",
"id": "11495"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "11495"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-252"
}
],
"trust": 0.9
}
}
VAR-200704-0315
Vulnerability from variot - Updated: 2023-12-18 12:53Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors. Successful exploits will allow attackers to access administrative functionality and completely compromise vulnerable devices or gain direct access to the private network. This issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet.
Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/
TITLE: Nortel VPN Router Default User Accounts and Missing Authentication Checks
SECUNIA ADVISORY ID: SA24962
VERIFY ADVISORY: http://secunia.com/advisories/24962/
CRITICAL: Moderately critical
IMPACT: Security Bypass, Manipulation of data
WHERE:
From remote
OPERATING SYSTEM: Nortel Contivity VPN Switches http://secunia.com/product/2425/ Nortel VPN Routers http://secunia.com/product/2426/
DESCRIPTION: A vulnerability and a security issue have been reported in Nortel VPN Routers, which can be exploited by malicious people to bypass certain security restrictions or manipulate certain data.
1) Two default user accounts ("FIPSecryptedtest1219" and "FIPSunecryptedtest1219") are configured on the VPN Router, which are not readily visible to the system manager.
2) Missing authentication checks within two template files of the web management tool can be exploited to e.g. modify certain router configurations.
An issue regarding same DES keys used to encrypt user's passwords has also been reported, which can facilitate brute-force attacks on user's passwords if the attacker were to gain access to the LDAP store.
The vulnerability and security issue reportedly affect the following products: * Contivity 1000 VPN Switch * Contivity 2000 VPN Switch * Contivity 4000 VPN Switch * VPN Router 5000 *VPN Router Portfolio
SOLUTION: Update to versions 6_05.140, 5_05.304, or 5_05.149.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Detack GmbH.
ORIGINAL ADVISORY: Nortel: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200704-0315",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "2000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "1000_vpn_switch"
},
{
"model": "vpn router 5000",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "4000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.304"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.149"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.3xx"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "2000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "1000"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "5000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "6_05.140"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "6.x"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "17500"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1740"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1050"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1010"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4000"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2000"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
}
],
"sources": [
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2334"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Detack GmbH",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2334",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2007-2334",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-25696",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2334",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200704-577",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-25696",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25696"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors. \nSuccessful exploits will allow attackers to access administrative functionality and completely compromise vulnerable devices or gain direct access to the private network. \nThis issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. \n\n----------------------------------------------------------------------\n\nSecunia customers receive relevant and filtered advisories. \nDelivery is done via different channels including SMS, Email, Web,\nand https based XML feed. \nhttp://corporate.secunia.com/trial/38/request/\n\n----------------------------------------------------------------------\n\nTITLE:\nNortel VPN Router Default User Accounts and Missing Authentication\nChecks\n\nSECUNIA ADVISORY ID:\nSA24962\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24962/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass, Manipulation of data\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nNortel Contivity VPN Switches\nhttp://secunia.com/product/2425/\nNortel VPN Routers\nhttp://secunia.com/product/2426/\n\nDESCRIPTION:\nA vulnerability and a security issue have been reported in Nortel VPN\nRouters, which can be exploited by malicious people to bypass certain\nsecurity restrictions or manipulate certain data. \n\n1) Two default user accounts (\"FIPSecryptedtest1219\" and\n\"FIPSunecryptedtest1219\") are configured on the VPN Router, which are\nnot readily visible to the system manager. \n\n2) Missing authentication checks within two template files of the web\nmanagement tool can be exploited to e.g. modify certain router\nconfigurations. \n\nAn issue regarding same DES keys used to encrypt user\u0027s passwords has\nalso been reported, which can facilitate brute-force attacks on user\u0027s\npasswords if the attacker were to gain access to the LDAP store. \n\nThe vulnerability and security issue reportedly affect the following\nproducts:\n* Contivity 1000 VPN Switch\n* Contivity 2000 VPN Switch\n* Contivity 4000 VPN Switch\n* VPN Router 5000\n*VPN Router Portfolio\n\nSOLUTION:\nUpdate to versions 6_05.140, 5_05.304, or 5_05.149. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Detack GmbH. \n\nORIGINAL ADVISORY:\nNortel:\nhttp://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "VULHUB",
"id": "VHN-25696"
},
{
"db": "PACKETSTORM",
"id": "56107"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2334",
"trust": 2.8
},
{
"db": "BID",
"id": "23562",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24962",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1464",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "35056",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017943",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-25696",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56107",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25696"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"id": "VAR-200704-0315",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25696"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:12.206000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://www.nortel-canada.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2334"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/23562"
},
{
"trust": 1.7,
"url": "http://osvdb.org/35056"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017943"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24962"
},
{
"trust": 1.7,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=567877\u0026renditionid=\u0026poid=null"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2334"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2334"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1464"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/index.html"
},
{
"trust": 0.3,
"url": "http://www.nortel.com/"
},
{
"trust": 0.3,
"url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2007/16/022181-01.pdf"
},
{
"trust": 0.1,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026amp;documentoid=567877\u0026amp;renditionid=\u0026amp;poid=null"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24962/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/trial/38/request/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2426/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2425/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25696"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25696"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-04-27T00:00:00",
"db": "VULHUB",
"id": "VHN-25696"
},
{
"date": "2007-04-19T00:00:00",
"db": "BID",
"id": "23562"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"date": "2007-04-20T21:50:15",
"db": "PACKETSTORM",
"id": "56107"
},
{
"date": "2007-04-27T16:19:00",
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"date": "2007-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-25696"
},
{
"date": "2016-07-06T14:39:00",
"db": "BID",
"id": "23562"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003769"
},
{
"date": "2011-03-08T02:54:01.533000",
"db": "NVD",
"id": "CVE-2007-2334"
},
{
"date": "2007-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router Vulnerabilities that allow access to the management interface",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003769"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "23562"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-577"
}
],
"trust": 0.9
}
}
VAR-200704-0314
Vulnerability from variot - Updated: 2023-12-18 12:53Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network. Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors. This issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet.
Secunia customers receive relevant and filtered advisories. Delivery is done via different channels including SMS, Email, Web, and https based XML feed. http://corporate.secunia.com/trial/38/request/
TITLE: Nortel VPN Router Default User Accounts and Missing Authentication Checks
SECUNIA ADVISORY ID: SA24962
VERIFY ADVISORY: http://secunia.com/advisories/24962/
CRITICAL: Moderately critical
IMPACT: Security Bypass, Manipulation of data
WHERE:
From remote
OPERATING SYSTEM: Nortel Contivity VPN Switches http://secunia.com/product/2425/ Nortel VPN Routers http://secunia.com/product/2426/
DESCRIPTION: A vulnerability and a security issue have been reported in Nortel VPN Routers, which can be exploited by malicious people to bypass certain security restrictions or manipulate certain data.
1) Two default user accounts ("FIPSecryptedtest1219" and "FIPSunecryptedtest1219") are configured on the VPN Router, which are not readily visible to the system manager.
2) Missing authentication checks within two template files of the web management tool can be exploited to e.g. modify certain router configurations.
An issue regarding same DES keys used to encrypt user's passwords has also been reported, which can facilitate brute-force attacks on user's passwords if the attacker were to gain access to the LDAP store.
The vulnerability and security issue reportedly affect the following products: * Contivity 1000 VPN Switch * Contivity 2000 VPN Switch * Contivity 4000 VPN Switch * VPN Router 5000 *VPN Router Portfolio
SOLUTION: Update to versions 6_05.140, 5_05.304, or 5_05.149.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Detack GmbH.
ORIGINAL ADVISORY: Nortel: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200704-0314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 2.4,
"vendor": "nortel",
"version": "4000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "1000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "2000_vpn_switch"
},
{
"model": "vpn router 5000",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router portfolio",
"scope": null,
"trust": 1.4,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router portfolio",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "4000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.304"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.149"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "5_05.3xx"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "2000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "1000"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "5000"
},
{
"model": "contivity",
"scope": "eq",
"trust": 0.8,
"vendor": "nortel",
"version": "6_05.140"
},
{
"model": "contivity",
"scope": "lt",
"trust": 0.8,
"vendor": "nortel",
"version": "6.x"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "17500"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1740"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1050"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1010"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4000"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2000"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
}
],
"sources": [
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_portfolio:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2333"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Detack GmbH",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
],
"trust": 0.6
},
"cve": "CVE-2007-2333",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-2333",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-25695",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2333",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200704-575",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-25695",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25695"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network. Nortel VPN routers are prone to multiple remote unauthorized-access vulnerabilities due to design errors. \nThis issue affects all model numbers for Nortel VPN Routers 1000, 2000, 4000, 5000. Nortel VPN routers were formerly known as Contivity. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. \n\n----------------------------------------------------------------------\n\nSecunia customers receive relevant and filtered advisories. \nDelivery is done via different channels including SMS, Email, Web,\nand https based XML feed. \nhttp://corporate.secunia.com/trial/38/request/\n\n----------------------------------------------------------------------\n\nTITLE:\nNortel VPN Router Default User Accounts and Missing Authentication\nChecks\n\nSECUNIA ADVISORY ID:\nSA24962\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/24962/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSecurity Bypass, Manipulation of data\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nNortel Contivity VPN Switches\nhttp://secunia.com/product/2425/\nNortel VPN Routers\nhttp://secunia.com/product/2426/\n\nDESCRIPTION:\nA vulnerability and a security issue have been reported in Nortel VPN\nRouters, which can be exploited by malicious people to bypass certain\nsecurity restrictions or manipulate certain data. \n\n1) Two default user accounts (\"FIPSecryptedtest1219\" and\n\"FIPSunecryptedtest1219\") are configured on the VPN Router, which are\nnot readily visible to the system manager. \n\n2) Missing authentication checks within two template files of the web\nmanagement tool can be exploited to e.g. modify certain router\nconfigurations. \n\nAn issue regarding same DES keys used to encrypt user\u0027s passwords has\nalso been reported, which can facilitate brute-force attacks on user\u0027s\npasswords if the attacker were to gain access to the LDAP store. \n\nThe vulnerability and security issue reportedly affect the following\nproducts:\n* Contivity 1000 VPN Switch\n* Contivity 2000 VPN Switch\n* Contivity 4000 VPN Switch\n* VPN Router 5000\n*VPN Router Portfolio\n\nSOLUTION:\nUpdate to versions 6_05.140, 5_05.304, or 5_05.149. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Detack GmbH. \n\nORIGINAL ADVISORY:\nNortel:\nhttp://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "VULHUB",
"id": "VHN-25695"
},
{
"db": "PACKETSTORM",
"id": "56107"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-2333",
"trust": 2.8
},
{
"db": "BID",
"id": "23562",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "24962",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-1464",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "35055",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1017943",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-25695",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "56107",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25695"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"id": "VAR-200704-0314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-25695"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:12.273000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top page",
"trust": 0.8,
"url": "http://www.nortel-canada.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2333"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/23562"
},
{
"trust": 1.7,
"url": "http://osvdb.org/35055"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1017943"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/24962"
},
{
"trust": 1.7,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026documentoid=567877\u0026renditionid=\u0026poid=null"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2333"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2333"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/1464"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/index.html"
},
{
"trust": 0.3,
"url": "http://www.nortel.com/"
},
{
"trust": 0.3,
"url": "http://www116.nortelnetworks.com/pub/repository/clarify/document/2007/16/022181-01.pdf"
},
{
"trust": 0.1,
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=bltndetail\u0026amp;documentoid=567877\u0026amp;renditionid=\u0026amp;poid=null"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/24962/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/trial/38/request/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2426/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2425/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-25695"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-25695"
},
{
"db": "BID",
"id": "23562"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"db": "PACKETSTORM",
"id": "56107"
},
{
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-04-27T00:00:00",
"db": "VULHUB",
"id": "VHN-25695"
},
{
"date": "2007-04-19T00:00:00",
"db": "BID",
"id": "23562"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"date": "2007-04-20T21:50:15",
"db": "PACKETSTORM",
"id": "56107"
},
{
"date": "2007-04-27T16:19:00",
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"date": "2007-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-25695"
},
{
"date": "2016-07-06T14:39:00",
"db": "BID",
"id": "23562"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003768"
},
{
"date": "2011-03-08T02:54:01.393000",
"db": "NVD",
"id": "CVE-2007-2333"
},
{
"date": "2007-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router Is vulnerable to private network access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003768"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "23562"
},
{
"db": "CNNVD",
"id": "CNNVD-200704-575"
}
],
"trust": 0.9
}
}
VAR-200001-0041
Vulnerability from variot - Updated: 2023-12-18 12:24cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. The Contivity series is an external network switch product developed by Nortel. The newer Contivity switch includes an httpd server running on the VxWorks operating system to provide a remote Web-based management interface.
A vulnerability exists in the "cgiproc" script implementation of the Web management interface of the Contivity series switches. A remote attacker could use this vulnerability to conduct a denial of service attack on the switch or view arbitrary system files.
Because the user input is not sufficiently filtered, if you pass metacharacters to the cgiporc program, such as "!" Or "$", the system will crash. Another vulnerability of cgiproc is the lack of authentication when requesting a management page. This enables an attacker to view any file in the web server. A total system crash can occur as a result of exploiting a vulnerability in a cgi-bin program called "cgiproc" that is included with the webserver. If metacharacters such as "!", or "$" are passed to cgiproc, the system will crash (because the characters are not escaped). foo foo@blacklisted.intranova.net provided the following example: http://x.x.x.x/manage/cgi/cgiproc?$ [crash] No evidence of this problem being exploited is saved in the logs. foo foo@blacklisted.intranova.net also provided an example for this vulnerability: http://x.x.x.x/manage/cgi/cgiproc?Nocfile=/name/and/path/of/file. (interesting places to look: /system/filelist.dat, /system/version.dat, /system/keys, /system/core, etc.) All that is written to the logs when this is exploited is below: 09:44:23 tEvtLgMgr 0 : Security [12] Management: Request for cgiproc denied. requires login In order to perform the operations detailed in the report, the "attackers" must be internal, private side users or authenticated tunnel users and the site administrator must allow them HTTP as a management protocol
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200001-0041",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "1.0"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "networks contivity extranet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0064"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "foo foo@blacklisted.intranova.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
],
"trust": 0.6
},
"cve": "CVE-2000-0064",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-1643",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0064",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200001-041",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1643",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1643"
},
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. The Contivity series is an external network switch product developed by Nortel. The newer Contivity switch includes an httpd server running on the VxWorks operating system to provide a remote Web-based management interface. \n\n\u00a0A vulnerability exists in the \"cgiproc\" script implementation of the Web management interface of the Contivity series switches. A remote attacker could use this vulnerability to conduct a denial of service attack on the switch or view arbitrary system files. \n\n\u00a0Because the user input is not sufficiently filtered, if you pass metacharacters to the cgiporc program, such as \"!\" Or \"$\", the system will crash. Another vulnerability of cgiproc is the lack of authentication when requesting a management page. This enables an attacker to view any file in the web server. A total system crash can occur as a result of exploiting a vulnerability in a cgi-bin program called \"cgiproc\" that is included with the webserver. If metacharacters such as \"!\", or \"$\" are passed to cgiproc, the system will crash (because the characters are not escaped). \nfoo \u003cfoo@blacklisted.intranova.net\u003e provided the following example:\nhttp://x.x.x.x/manage/cgi/cgiproc?$\n[crash]\nNo evidence of this problem being exploited is saved in the logs. \nfoo \u003cfoo@blacklisted.intranova.net\u003e also provided an example for this vulnerability:\nhttp://x.x.x.x/manage/cgi/cgiproc?Nocfile=/name/and/path/of/file. \n(interesting places to look: /system/filelist.dat, /system/version.dat, /system/keys, /system/core, etc.)\nAll that is written to the logs when this is exploited is below:\n09:44:23 tEvtLgMgr 0 : Security [12] Management: Request for cgiproc denied. requires login\nIn order to perform the operations detailed in the report, the \"attackers\" must be internal, private side users or authenticated tunnel users and the site administrator must allow them HTTP as a management protocol",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "BID",
"id": "938"
},
{
"db": "VULHUB",
"id": "VHN-1643"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0064",
"trust": 2.3
},
{
"db": "BID",
"id": "938",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "7583",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2001-0323",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "257",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-1643",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1643"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"id": "VAR-200001-0041",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1643"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
}
]
},
"last_update_date": "2023-12-18T12:24:53.968000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0064"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/938"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/7583"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/257"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/index.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1643"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1643"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"date": "2000-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-1643"
},
{
"date": "2000-01-18T00:00:00",
"db": "BID",
"id": "938"
},
{
"date": "2000-01-17T05:00:00",
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"date": "2000-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-1643"
},
{
"date": "2000-01-18T00:00:00",
"db": "BID",
"id": "938"
},
{
"date": "2008-09-10T19:02:41.993000",
"db": "NVD",
"id": "CVE-2000-0064"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity Switch Remote Denial of Service Attack and File Leak Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200001-041"
}
],
"trust": 0.6
}
}
VAR-200001-0040
Vulnerability from variot - Updated: 2023-12-18 12:24cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. The Contivity series is an external network switch product developed by Nortel. The newer Contivity switch includes an httpd server running on the VxWorks operating system to provide a remote Web-based management interface.
A vulnerability exists in the "cgiproc" script implementation of the Web management interface of the Contivity series switches. A remote attacker could use this vulnerability to conduct a denial of service attack on the switch or view arbitrary system files.
Because the user input is not sufficiently filtered, if you pass metacharacters to the cgiporc program, such as "!" Or "$", the system will crash. Another vulnerability of cgiproc is the lack of authentication when requesting a management page. This enables an attacker to view any file in the web server. A total system crash can occur as a result of exploiting a vulnerability in a cgi-bin program called "cgiproc" that is included with the webserver. If metacharacters such as "!", or "$" are passed to cgiproc, the system will crash (because the characters are not escaped). foo foo@blacklisted.intranova.net provided the following example: http://x.x.x.x/manage/cgi/cgiproc?$ [crash] No evidence of this problem being exploited is saved in the logs. foo foo@blacklisted.intranova.net also provided an example for this vulnerability: http://x.x.x.x/manage/cgi/cgiproc?Nocfile=/name/and/path/of/file. (interesting places to look: /system/filelist.dat, /system/version.dat, /system/keys, /system/core, etc.) All that is written to the logs when this is exploited is below: 09:44:23 tEvtLgMgr 0 : Security [12] Management: Request for cgiproc denied. requires login In order to perform the operations detailed in the report, the "attackers" must be internal, private side users or authenticated tunnel users and the site administrator must allow them HTTP as a management protocol
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200001-0040",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "1.0"
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "none",
"version": null
},
{
"model": "networks contivity extranet switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2500"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0063"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "foo foo@blacklisted.intranova.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
],
"trust": 0.6
},
"cve": "CVE-2000-0063",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "663d977a-2079-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-1642",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0063",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200001-039",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-1642",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-1642"
},
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. The Contivity series is an external network switch product developed by Nortel. The newer Contivity switch includes an httpd server running on the VxWorks operating system to provide a remote Web-based management interface. \n\n\u00a0A vulnerability exists in the \"cgiproc\" script implementation of the Web management interface of the Contivity series switches. A remote attacker could use this vulnerability to conduct a denial of service attack on the switch or view arbitrary system files. \n\n\u00a0Because the user input is not sufficiently filtered, if you pass metacharacters to the cgiporc program, such as \"!\" Or \"$\", the system will crash. Another vulnerability of cgiproc is the lack of authentication when requesting a management page. This enables an attacker to view any file in the web server. A total system crash can occur as a result of exploiting a vulnerability in a cgi-bin program called \"cgiproc\" that is included with the webserver. If metacharacters such as \"!\", or \"$\" are passed to cgiproc, the system will crash (because the characters are not escaped). \nfoo \u003cfoo@blacklisted.intranova.net\u003e provided the following example:\nhttp://x.x.x.x/manage/cgi/cgiproc?$\n[crash]\nNo evidence of this problem being exploited is saved in the logs. \nfoo \u003cfoo@blacklisted.intranova.net\u003e also provided an example for this vulnerability:\nhttp://x.x.x.x/manage/cgi/cgiproc?Nocfile=/name/and/path/of/file. \n(interesting places to look: /system/filelist.dat, /system/version.dat, /system/keys, /system/core, etc.)\nAll that is written to the logs when this is exploited is below:\n09:44:23 tEvtLgMgr 0 : Security [12] Management: Request for cgiproc denied. requires login\nIn order to perform the operations detailed in the report, the \"attackers\" must be internal, private side users or authenticated tunnel users and the site administrator must allow them HTTP as a management protocol",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "BID",
"id": "938"
},
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-1642"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2000-0063",
"trust": 2.7
},
{
"db": "BID",
"id": "938",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2001-0323",
"trust": 1.0
},
{
"db": "NSFOCUS",
"id": "257",
"trust": 0.6
},
{
"db": "IVD",
"id": "7D77FBD3-463F-11E9-88DF-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "663D977A-2079-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-1642",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1642"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"id": "VAR-200001-0040",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1642"
}
],
"trust": 0.11000000000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
}
]
},
"last_update_date": "2023-12-18T12:24:53.996000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0063"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/938"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/257"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/index.html"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1642"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"db": "VULHUB",
"id": "VHN-1642"
},
{
"db": "BID",
"id": "938"
},
{
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-01-19T00:00:00",
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"date": "2001-01-19T00:00:00",
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"date": "2001-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"date": "2000-01-17T00:00:00",
"db": "VULHUB",
"id": "VHN-1642"
},
{
"date": "2000-01-18T00:00:00",
"db": "BID",
"id": "938"
},
{
"date": "2000-01-17T05:00:00",
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"date": "2000-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-01-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2001-0323"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-1642"
},
{
"date": "2000-01-18T00:00:00",
"db": "BID",
"id": "938"
},
{
"date": "2008-09-10T19:02:41.913000",
"db": "NVD",
"id": "CVE-2000-0063"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Contivity Switch Remote Denial of Service Attack and File Leak Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2001-0323"
}
],
"trust": 1.0
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "7d77fbd3-463f-11e9-88df-000c29342cb1"
},
{
"db": "IVD",
"id": "663d977a-2079-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-200001-039"
}
],
"trust": 1.0
}
}
FKIE_CVE-2007-2333
Vulnerability from fkie_nvd - Published: 2007-04-27 16:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nortel | contivity | 1000_vpn_switch | |
| nortel | contivity | 2000_vpn_switch | |
| nortel | contivity | 4000_vpn_switch | |
| nortel | vpn_router_5000 | * | |
| nortel | vpn_router_portfolio | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "4342FEF4-588B-459B-9490-3FD89B229E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "F31FDFE3-82C9-47CA-A5FF-E5A2491794FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC7887D-9D8C-46D8-9065-23D41CF07E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_portfolio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4651F6B1-64CC-4CDB-86C6-01CBFA3B2BE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
},
{
"lang": "es",
"value": "Nortel VPN Router (tambi\u00e9n conocido como Contivity) 1000, 2000, 4000, y 5000 anterior a 5_05.149, 5_05.3xx anterior 5_05.304, y 6.x anterior 6_05.140 incluyen las cuentas por defecto FIPSecryptedtest1219 y FIPSunecryptedtest1219 en la plantilla LDAP, lo cual podr\u00eda permitir a atacantes remotos acceder a la red privada."
}
],
"evaluatorSolution": "The vendor has addressed this issue through a product update that can be found at: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"id": "CVE-2007-2333",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-27T16:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35055"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24962"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2334
Vulnerability from fkie_nvd - Published: 2007-04-27 16:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "4342FEF4-588B-459B-9490-3FD89B229E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "F31FDFE3-82C9-47CA-A5FF-E5A2491794FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC7887D-9D8C-46D8-9065-23D41CF07E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests."
},
{
"lang": "es",
"value": "Nortel VPN Router (tambi\u00e9n conocido como Contivity) 1000, 2000, 4000, y 5000 anterior a 5_05.149, 5_05.3xx anterior 5_05.304, y 6.x anterior 6_05.140 tiene dos archivos de plantilla html que carecen de ciertas etiquetas de verificaci\u00f3n, lo cual podr\u00eda permitir a atacantes remotos acceder a la interfaz de administrador y cambiar los controladores de configuraci\u00f3n a trav\u00e9s de ciertas respuestas."
}
],
"evaluatorSolution": "The vendor has addressed this issue with the following product update: http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"id": "CVE-2007-2334",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-27T16:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35056"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24962"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24962"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-2579
Vulnerability from fkie_nvd - Published: 2005-08-16 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:v05_01.030:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7340D1-1449-4B0D-8AA0-1A6BD6623C64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box."
}
],
"evaluatorSolution": "Patch released by vendor.",
"id": "CVE-2005-2579",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-1802
Vulnerability from fkie_nvd - Published: 2005-05-27 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| nortel | contivity | 1000_vpn_switch | |
| nortel | contivity | 1500_vpn_switch | |
| nortel | contivity | 1600_secure_ip_services_gateway | |
| nortel | contivity | 2000_vpn_switch | |
| nortel | contivity | 2500_vpn_switch | |
| nortel | contivity | 2600_secure_ip_services_gateway | |
| nortel | contivity | 4000_vpn_switch | |
| nortel | contivity | 4500_secure_ip_services_gateway | |
| nortel | contivity | 4600_secure_ip_services_gateway | |
| nortel | vpn_router_1010 | * | |
| nortel | vpn_router_1050 | * | |
| nortel | vpn_router_1100 | * | |
| nortel | vpn_router_1700 | * | |
| nortel | vpn_router_1740 | * | |
| nortel | vpn_router_2700 | * | |
| nortel | vpn_router_5000 | * | |
| nortel | vpn_router_600 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "4342FEF4-588B-459B-9490-3FD89B229E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:1500_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "D842866D-3609-4E56-9A49-4DEA16E5642F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:1600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"matchCriteriaId": "F9231EA1-BA0F-4A4D-955A-651447AFC91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "F31FDFE3-82C9-47CA-A5FF-E5A2491794FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:2500_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "A5ED1556-CDAE-4149-B2AF-2B252D94E65A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:2600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"matchCriteriaId": "06A34A14-A349-43C4-A03C-8320E56AC2A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC7887D-9D8C-46D8-9065-23D41CF07E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4500_secure_ip_services_gateway:*:*:*:*:*:*:*",
"matchCriteriaId": "C76FDA60-BACA-4A2E-8112-F00DC9B89694",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"matchCriteriaId": "B860310F-F1F1-45A5-A324-AAA9735C92F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370BE654-2A89-4FA9-BE88-3E4CA19441FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD74483C-842C-4E01-A786-C34866B548FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC585A5-DBBE-4236-801A-F52523A5C5DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B922ADAB-F42F-4113-8222-0493FE74CF6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF2FF1CE-97F7-4951-8FD7-59657670BF05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23377D6E-6C2C-425B-A6DC-E5319B327DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:vpn_router_600:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC34C85-99E9-4DAB-B19E-9179813C0398",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."
}
],
"id": "CVE-2005-1802",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014068"
},
{
"source": "cve@mitre.org",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/399423"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/399423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/13792"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0844
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "37D59E92-E606-4C59-9D34-B921A00F096A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information."
}
],
"id": "CVE-2005-0844",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1105
Vulnerability from fkie_nvd - Published: 2005-01-10 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:4.91:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB1910-C2B3-4982-AE4D-20342924A010",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information."
},
{
"lang": "es",
"value": "Nortel Networks Contivity VPN Client muestra un mensaje de error dependiendo de si el nombre de usuario es v\u00e1lido o no, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible."
}
],
"id": "CVE-2004-1105",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"source": "cve@mitre.org",
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-2621
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nortel:contivity:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F8A65F-C993-4BC4-A189-F6585B42AA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A101AB6E-3D11-41F7-99B6-6E516D28F729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D1ED7923-FB6C-4788-8831-D5529AC73E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:4.91:*:*:*:*:*:*:*",
"matchCriteriaId": "F4AB1910-C2B3-4982-AE4D-20342924A010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nortel:contivity:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "37D59E92-E606-4C59-9D34-B921A00F096A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack."
}
],
"id": "CVE-2004-2621",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12881"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1011846"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11002"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11495"
},
{
"source": "cve@mitre.org",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/12881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1011846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-2334 (GCVE-0-2007-2334)
Vulnerability from cvelistv5 – Published: 2007-04-27 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"refsource": "OSVDB",
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2334",
"datePublished": "2007-04-27T16:00:00",
"dateReserved": "2007-04-27T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2333 (GCVE-0-2007-2333)
Vulnerability from cvelistv5 – Published: 2007-04-27 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"refsource": "OSVDB",
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2333",
"datePublished": "2007-04-27T16:00:00",
"dateReserved": "2007-04-27T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2621 (GCVE-0-2004-2621)
Vulnerability from cvelistv5 – Published: 2005-12-04 22:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2621",
"datePublished": "2005-12-04T22:00:00",
"dateReserved": "2005-12-04T00:00:00",
"dateUpdated": "2024-08-08T01:36:24.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2579 (GCVE-0-2005-2579)
Vulnerability from cvelistv5 – Published: 2005-08-16 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2579",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-07T22:30:01.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1802 (GCVE-0-2005-1802)
Vulnerability from cvelistv5 – Published: 2005-06-01 04:00 – Updated: 2024-08-07 22:06
VLAI?
Summary
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:56.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/399423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1014068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13792"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/399423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014068",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13792"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/399423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1802",
"datePublished": "2005-06-01T04:00:00",
"dateReserved": "2005-06-01T00:00:00",
"dateUpdated": "2024-08-07T22:06:56.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0844 (GCVE-0-2005-0844)
Vulnerability from cvelistv5 – Published: 2005-03-24 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013512"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0844",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-03-24T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1105 (GCVE-0-2004-1105)
Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:01.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"name": "http://www.nii.co.in/vuln/contivity.html",
"refsource": "MISC",
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/CRDY-626N7F",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1105",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:01.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2334 (GCVE-0-2007-2334)
Vulnerability from nvd – Published: 2007-04-27 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35056",
"refsource": "OSVDB",
"url": "http://osvdb.org/35056"
},
{
"name": "ADV-2007-1464",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2334",
"datePublished": "2007-04-27T16:00:00",
"dateReserved": "2007-04-27T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2333 (GCVE-0-2007-2333)
Vulnerability from nvd – Published: 2007-04-27 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-13T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017943",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2333",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017943",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017943"
},
{
"name": "23562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23562"
},
{
"name": "24962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"refsource": "OSVDB",
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=567877\u0026RenditionID=\u0026poid=null"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2333",
"datePublished": "2007-04-27T16:00:00",
"dateReserved": "2007-04-27T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2621 (GCVE-0-2004-2621)
Vulnerability from nvd – Published: 2005-12-04 22:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:24.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011846"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011846"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=8\u0026subcategory=6\u0026subtype=\u0026DocumentOID=276620\u0026RenditionID=REND159588"
},
{
"name": "nortel-contivity-gain-access(17812)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17812"
},
{
"name": "11495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11495"
},
{
"name": "11002",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11002"
},
{
"name": "12881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12881"
},
{
"name": "1011846",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011846"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2621",
"datePublished": "2005-12-04T22:00:00",
"dateReserved": "2005-12-04T00:00:00",
"dateUpdated": "2024-08-08T01:36:24.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2579 (GCVE-0-2005-2579)
Vulnerability from nvd – Published: 2005-08-16 04:00 – Updated: 2024-08-07 22:30
VLAI?
Summary
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.758Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050810 Privilege escalation in Nortel Contivity VPN Client V05_01.030",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112370730131219\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2579",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-07T22:30:01.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1802 (GCVE-0-2005-1802)
Vulnerability from nvd – Published: 2005-06-01 04:00 – Updated: 2024-08-07 22:06
VLAI?
Summary
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:56.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1014068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/399423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-04T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1014068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13792"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/399423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1014068",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014068"
},
{
"name": "13792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13792"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"name": "20050531 Nortel VPN Router Malformed Packet DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/399423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1802",
"datePublished": "2005-06-01T04:00:00",
"dateReserved": "2005-06-01T00:00:00",
"dateUpdated": "2024-08-07T22:06:56.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0844 (GCVE-0-2005-0844)
Vulnerability from nvd – Published: 2005-03-24 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013512"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050322 Nortel VPN Client Issue: Clear-text password stored in memory",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111151589203707\u0026w=2"
},
{
"name": "1013512",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013512"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/nortel-client/"
},
{
"name": "nortel-contivity-information-disclosure(19791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19791"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0844",
"datePublished": "2005-03-24T05:00:00",
"dateReserved": "2005-03-24T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1105 (GCVE-0-2004-1105)
Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:01.036Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11623"
},
{
"name": "VU#830214",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"name": "http://www.nii.co.in/vuln/contivity.html",
"refsource": "MISC",
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/CRDY-626N7F",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/CRDY-626N7F"
},
{
"name": "20041110 Nortel Networks Contivity VPN Client information leakage vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"name": "nortel-contivity-info-disclosure(17988)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1105",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:01.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}