All the vulnerabilites related to ingate - ingate_firewall
cve-2007-3176
Vulnerability from cvelistv5
Published
2007-06-11 22:00
Modified
2024-08-07 14:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/36707 | vdb-entry, x_refsource_OSVDB | |
| http://www.ingate.com/relnote-452.php | x_refsource_CONFIRM | |
| http://secunia.com/advisories/25420 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/1973 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34885 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36707",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36707"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "ingate-supportreport-information-disclosure(34885)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34885"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36707",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36707"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "ingate-supportreport-information-disclosure(34885)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34885"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36707",
"refsource": "OSVDB",
"url": "http://osvdb.org/36707"
},
{
"name": "http://www.ingate.com/relnote-452.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "ingate-supportreport-information-disclosure(34885)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34885"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3176",
"datePublished": "2007-06-11T22:00:00",
"dateReserved": "2007-06-11T00:00:00",
"dateUpdated": "2024-08-07T14:05:29.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6092
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27688 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/42175 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "42175",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42175"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "42175",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42175"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27688"
},
{
"name": "42175",
"refsource": "OSVDB",
"url": "http://osvdb.org/42175"
},
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6092",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6096
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27688 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/42171 | vdb-entry, x_refsource_OSVDB | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42171",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of \"administrators with less privileges,\" which might allow attackers to read these passwords via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42171",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of \"administrators with less privileges,\" which might allow attackers to read these passwords via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42171",
"refsource": "OSVDB",
"url": "http://osvdb.org/42171"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6096",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6098
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6098",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-2924
Vulnerability from cvelistv5
Published
2006-06-09 10:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26977 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1016245 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1016244 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ingate.com/relnote-441.php | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/18318 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/2183 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/20479 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ingate-ssltls-dos(26977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26977"
},
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "18318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18318"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20479"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ingate-ssltls-dos(26977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26977"
},
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "18318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18318"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20479"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ingate-ssltls-dos(26977)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26977"
},
{
"name": "1016245",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016244"
},
{
"name": "http://www.ingate.com/relnote-441.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "18318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18318"
},
{
"name": "ADV-2006-2183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20479"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2924",
"datePublished": "2006-06-09T10:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-2925
Vulnerability from cvelistv5
Published
2006-06-09 10:00
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016245 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1016244 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ingate.com/relnote-441.php | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2006/2183 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/20479 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26978 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016245",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016244"
},
{
"name": "http://www.ingate.com/relnote-441.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2925",
"datePublished": "2006-06-09T10:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4464
Vulnerability from cvelistv5
Published
2005-12-22 00:00
Modified
2024-08-07 23:46
Severity ?
EPSS score ?
Summary
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/16023 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/18138 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2005/3011 | vdb-entry, x_refsource_VUPEN | |
| http://www.ingate.com/relnote-434.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-434.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-434.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"name": "http://www.ingate.com/relnote-434.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-434.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4464",
"datePublished": "2005-12-22T00:00:00",
"dateReserved": "2005-12-21T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1112
Vulnerability from cvelistv5
Published
2005-03-11 05:00
Modified
2024-08-08 02:12
Severity ?
EPSS score ?
Summary
The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/528719 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.cert.org/advisories/CA-2003-06.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/6904 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11379 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:36.030Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "VU#528719",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "VU#528719",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"name": "VU#528719",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"name": "CA-2003-06",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"name": "6904",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6904"
},
{
"name": "sip-invite(11379)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1112",
"datePublished": "2005-03-11T05:00:00",
"dateReserved": "2005-03-11T00:00:00",
"dateUpdated": "2024-08-08T02:12:36.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3177
Vulnerability from cvelistv5
Published
2007-06-11 22:00
Modified
2024-08-07 14:05
Severity ?
EPSS score ?
Summary
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34887 | vdb-entry, x_refsource_XF | |
| http://www.ingate.com/relnote-452.php | x_refsource_CONFIRM | |
| http://secunia.com/advisories/25420 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/1973 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36708 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ingate-maddr-authentication-bypass(34887)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "36708",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36708"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ingate-maddr-authentication-bypass(34887)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "36708",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36708"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ingate-maddr-authentication-bypass(34887)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
},
{
"name": "http://www.ingate.com/relnote-452.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"name": "25420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25420"
},
{
"name": "ADV-2007-1973",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"name": "36708",
"refsource": "OSVDB",
"url": "http://osvdb.org/36708"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3177",
"datePublished": "2007-06-11T22:00:00",
"dateReserved": "2007-06-11T00:00:00",
"dateUpdated": "2024-08-07T14:05:29.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6094
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS).
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/42173 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/27688 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42173"
},
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42173"
},
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42173",
"refsource": "OSVDB",
"url": "http://osvdb.org/42173"
},
{
"name": "27688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6094",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6093
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected."
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27688 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/42174 | vdb-entry, x_refsource_OSVDB | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42174",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42174"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is \"much more than expected.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42174",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42174"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is \"much more than expected.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "42174",
"refsource": "OSVDB",
"url": "http://osvdb.org/42174"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6093",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.980Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6095
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/42172 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/27688 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.632Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42172",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42172"
},
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42172",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42172"
},
{
"name": "27688",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42172",
"refsource": "OSVDB",
"url": "http://osvdb.org/42172"
},
{
"name": "27688",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27688"
},
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6095",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6097
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26486 | vdb-entry, x_refsource_BID | |
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are \"incorrectly accepted.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are \"incorrectly accepted.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6097",
"datePublished": "2007-11-22T00:00:00",
"dateReserved": "2007-11-21T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0311
Vulnerability from cvelistv5
Published
2005-02-10 05:00
Modified
2024-08-07 21:05
Severity ?
EPSS score ?
Summary
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19123 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/12383 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=110684375429946&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1013022 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ingate.com/relnote-422.php | x_refsource_CONFIRM | |
| http://secunia.com/advisories/14060 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ingate-firewall-unath-access(19123)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
},
{
"name": "12383",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12383"
},
{
"name": "20050127 Ingate Firewall: Removed PPTP tunnels not deactivated",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110684375429946\u0026w=2"
},
{
"name": "1013022",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013022"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-422.php"
},
{
"name": "14060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ingate-firewall-unath-access(19123)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
},
{
"name": "12383",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12383"
},
{
"name": "20050127 Ingate Firewall: Removed PPTP tunnels not deactivated",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110684375429946\u0026w=2"
},
{
"name": "1013022",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013022"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-422.php"
},
{
"name": "14060",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ingate-firewall-unath-access(19123)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
},
{
"name": "12383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12383"
},
{
"name": "20050127 Ingate Firewall: Removed PPTP tunnels not deactivated",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110684375429946\u0026w=2"
},
{
"name": "1013022",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013022"
},
{
"name": "http://www.ingate.com/relnote-422.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-422.php"
},
{
"name": "14060",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0311",
"datePublished": "2005-02-10T05:00:00",
"dateReserved": "2005-02-10T00:00:00",
"dateUpdated": "2024-08-07T21:05:25.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-6099
Vulnerability from cvelistv5
Published
2007-11-22 00:00
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ingate.com/relnote-460.php | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave \"media pinholes\" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-22T00:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-460.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave \"media pinholes\" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ingate.com/relnote-460.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-460.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6099",
"datePublished": "2007-11-22T00:00:00Z",
"dateReserved": "2007-11-21T00:00:00Z",
"dateUpdated": "2024-09-16T17:58:09.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0960
Vulnerability from cvelistv5
Published
2008-06-10 18:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30648"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30648"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2008-0960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"name": "35463",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35463"
},
{
"name": "30615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30615"
},
{
"name": "http://support.apple.com/kb/HT2163",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT2163"
},
{
"name": "ADV-2008-1787",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"name": "30648",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30648"
},
{
"name": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"name": "32664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32664"
},
{
"name": "ADV-2008-1981",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"name": "ADV-2008-1801",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"name": "SUSE-SA:2008:039",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"name": "[productinfo] 20080611 Ingate Firewall and SIParator affected by SNMPv3 vulnerability",
"refsource": "MLIST",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"name": "31351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31351"
},
{
"name": "ADV-2008-1788",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"name": "FEDORA-2008-5215",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"name": "29623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29623"
},
{
"name": "31334",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31334"
},
{
"name": "ADV-2008-2971",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"name": "oval:org.mitre.oval:def:10820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"name": "oval:org.mitre.oval:def:6414",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"name": "30626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30626"
},
{
"name": "SSRT080082",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html",
"refsource": "MISC",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"name": "[oss-security] 20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"name": "HPSBMA02439",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"name": "VU#878044",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"name": "30647",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30647"
},
{
"name": "238865",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"name": "20081031 VMSA-2008-0017 Updated ESX packages for libxml2, ucd-snmp, libtiff",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"name": "ADV-2008-1836",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"name": "33003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33003"
},
{
"name": "20080610 SNMP Version 3 Authentication Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"name": "ADV-2008-2361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"name": "31568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31568"
},
{
"name": "31467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31467"
},
{
"name": "APPLE-SA-2008-06-30",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"name": "DSA-1663",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"name": "TA08-162A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"name": "http://www.ocert.org/advisories/ocert-2008-006.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"name": "RHSA-2008:0528",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"name": "3933",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3933"
},
{
"name": "RHSA-2008:0529",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"name": "30612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30612"
},
{
"name": "30802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30802"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=447974",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"name": "5790",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"name": "ADV-2008-1797",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"name": "GLSA-200808-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"name": "20080609 [oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"name": "30665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30665"
},
{
"name": "FEDORA-2008-5218",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"name": "FEDORA-2008-5224",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"name": "ADV-2008-1800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"name": "MDVSA-2008:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"name": "USN-685-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=833770",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"name": "1020218",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"name": "30596",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30596"
},
{
"name": "oval:org.mitre.oval:def:5785",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"name": "ADV-2009-1612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"name": "30574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2008-0960",
"datePublished": "2008-06-10T18:00:00",
"dateReserved": "2008-02-25T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en libsrtp de Ingate Firewall anterior 4.6.0 y SIParator anterior a 4.6.0 tiene impacto y vectores de ataque desconocidos. NOTA: no est\u00e1 claro si este problema cruza fronteras de privilegios."
}
],
"id": "CVE-2007-6092",
"lastModified": "2024-11-21T00:39:20.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42175"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-10 18:32
Modified
2024-11-21 00:43
Severity ?
Summary
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:catos:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAC7FBF-2493-42CA-9B23-20AF09F0DDA8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE64E4C4-BACE-404F-966D-415976781DC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "377F951F-C2D8-441D-A532-F62E23937F94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:catos:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "34A3A284-36A9-4E8C-815D-6E2FE4C158DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.0:s:*:*:*:*:*:*",
"matchCriteriaId": "A5823F33-7FB3-465B-8017-1866D9EF3AA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.0:sy:*:*:*:*:*:*",
"matchCriteriaId": "94870E9E-C883-4051-8854-CDE0AE7A64B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.1:e:*:*:*:*:*:*",
"matchCriteriaId": "85C2FF9C-7730-4DBF-8C86-1EF0F1E71D8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:ewa:*:*:*:*:*:*",
"matchCriteriaId": "4A4AFC06-85C5-4AD0-A409-27F9AF398D7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:jk:*:*:*:*:*:*",
"matchCriteriaId": "EB593071-BB5A-47AD-B9C6-59D2010F6280",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sb:*:*:*:*:*:*",
"matchCriteriaId": "74382B2D-E9A6-453D-9C07-F959EAB4C075",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sg:*:*:*:*:*:*",
"matchCriteriaId": "B3D93383-BD5A-4052-B724-055F6FCFC314",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sga:*:*:*:*:*:*",
"matchCriteriaId": "6B1E3C39-163D-4A99-AC96-2EE388305000",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sra:*:*:*:*:*:*",
"matchCriteriaId": "90710000-F963-4F36-9EE1-C3CE1CECDCA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:srb:*:*:*:*:*:*",
"matchCriteriaId": "5F4F8B9E-B2AB-4545-8ACF-8F03E636E842",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:src:*:*:*:*:*:*",
"matchCriteriaId": "6E2D6402-D2AF-4817-8A46-1FA9B17B720C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxb:*:*:*:*:*:*",
"matchCriteriaId": "79BB5494-735D-424B-8B41-2FAECE1A7AD4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxd:*:*:*:*:*:*",
"matchCriteriaId": "FD6178BC-9741-4FC1-87DA-A5407B3A4F40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:sxf:*:*:*:*:*:*",
"matchCriteriaId": "2A419BD7-6345-43D8-B69C-2255E2EF6FD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:zl:*:*:*:*:*:*",
"matchCriteriaId": "B472DEEE-148A-46B4-BCBC-0A9F62F38B31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.2:zy:*:*:*:*:*:*",
"matchCriteriaId": "23305EBA-11D5-417E-823E-39D0D052839D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8D0F64-5DE1-4A6F-91F0-8A8509BF077F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:b:*:*:*:*:*:*",
"matchCriteriaId": "95418AD2-FB85-4E20-B874-D82DDF88BC91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:ja:*:*:*:*:*:*",
"matchCriteriaId": "14D1B81D-95E4-4945-94F2-C36FD7C0DC55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jeb:*:*:*:*:*:*",
"matchCriteriaId": "452FF154-F6C0-4BC4-969E-1D49AA3CCE49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jk:*:*:*:*:*:*",
"matchCriteriaId": "3AB6C57C-8805-443F-8ACE-83DAA48878CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jl:*:*:*:*:*:*",
"matchCriteriaId": "554C9611-55F1-40AF-9862-7E902D5CE1D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:jx:*:*:*:*:*:*",
"matchCriteriaId": "F89C185A-D3B3-4F5F-9249-F8EE89E8DD04",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:t:*:*:*:*:*:*",
"matchCriteriaId": "EEB0B55E-3579-4929-862F-C5FF9F796AE1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xa:*:*:*:*:*:*",
"matchCriteriaId": "8E8E34D3-0BCB-4D19-A41C-0375941E1B21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xg:*:*:*:*:*:*",
"matchCriteriaId": "09CBD68E-2A5C-43DF-9AD6-DE07815821B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xi:*:*:*:*:*:*",
"matchCriteriaId": "01393D91-ED1D-460D-8621-10260F0CBDD0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xk:*:*:*:*:*:*",
"matchCriteriaId": "8AB2FF53-5991-4264-B5CC-D1E45460BFCE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:xr:*:*:*:*:*:*",
"matchCriteriaId": "1A1FAF42-B7B1-40B0-A0F7-5DF821E6193F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yf:*:*:*:*:*:*",
"matchCriteriaId": "1BE94EA2-E0CC-4760-94A8-DE56C8181F74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yi:*:*:*:*:*:*",
"matchCriteriaId": "929836AD-8128-4174-872D-B9638B54611C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yt:*:*:*:*:*:*",
"matchCriteriaId": "5ED5B53D-930D-477E-A0F6-76167AE67641",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.3:yx:*:*:*:*:*:*",
"matchCriteriaId": "84983F6A-64F6-4720-9291-FC84CA10EE25",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A60117-E4D1-4741-98A2-E643A26616A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:t:*:*:*:*:*:*",
"matchCriteriaId": "156B91B9-1F5B-4E83-A2B7-A5B7F272D5B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xa:*:*:*:*:*:*",
"matchCriteriaId": "C9E90E83-1732-4BEF-BC5B-401769DC8880",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xc:*:*:*:*:*:*",
"matchCriteriaId": "51679B26-DF28-4E41-9801-E1599F250FFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xd:*:*:*:*:*:*",
"matchCriteriaId": "E989900F-BE66-47E4-9A1B-11B9785F89BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xe:*:*:*:*:*:*",
"matchCriteriaId": "95A01B7E-8231-4001-A340-31CE66474FDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xj:*:*:*:*:*:*",
"matchCriteriaId": "3CC62D3B-A287-4DED-A44D-3351452D4A55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:cisco_ios:12.4:xw:*:*:*:*:*:*",
"matchCriteriaId": "687E91FF-957E-449F-BDD6-85AA59E1E0D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D626B494-6210-4F74-8D17-BA480B6665C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "82B6315D-7BEF-419F-9B93-3CF669E986D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FB31FAC-D720-4BF1-BFCC-0A9B714E292A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "904CA41E-8168-41DE-AE84-941962A7BB71",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8D69F8FA-D58A-4F53-86D8-A20C73E9B299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AD331C50-DB93-4001-B56A-C1012F894CDF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75538529-611A-43B5-AC4D-089C4E2E2ACC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F992D03D-1DB8-44C1-B59D-1C09A32A2C91",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8BC298-4AF9-4281-9AD9-0D8F621E46B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2FE436B-2117-4FB4-B550-8454848D1D58",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69D2BD63-C110-4E89-B239-4A59E20AB78E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0.1:a:*:*:*:*:*:*",
"matchCriteriaId": "43E5FFB6-861D-4F91-B3C9-C5E57DDD25C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:cisco:nx_os:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD3BD3D-767D-483D-9FFE-D23AA2E228E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6762126F-55E4-4963-99F5-206A46979E7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1945B97A-8276-4EE2-8F76-5F0C0956DF18",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C8CA81F-2AB6-45F8-8AAE-BF6A7EDA73D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2452913-0513-46BB-A52E-8FA12D77B570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ecos_sourceware:ecos:2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "5D967624-23B1-48BB-91DB-1E1C18AAAD85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "18CCF3B9-CA7D-4D37-BD2C-1B74586B98A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0AB8C2-EE95-48AA-98B7-B6ED40494A0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "77930529-89BE-463D-8259-3D67D153284A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "743DEB17-3BE3-4278-A54B-2CE547DB9F31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCAF8C2-0E4E-4474-BD1E-F28A6EAEF8F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BCA127-F5F3-418F-890D-6B1C03019590",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5A2C2F-ABF4-46B0-80AB-867B97AE5237",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BE83150C-456E-462A-A0F1-ED8EAD60D671",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5B2431-335C-461B-B07F-88267EA71DCD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9DBA8E67-021A-4D07-94B9-943A8E1C4468",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "905D1F04-CDFD-4BAD-8939-5ABC70A874E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00878E69-2721-43E3-A853-D3DCFE5C258D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C51799BB-D931-436C-8C94-558956AC880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1ACC549-B5AF-4F5C-A3FE-257AA6D80C7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D498D406-A453-4119-BBA1-4709CF5862AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D68555E-BEB9-4F1E-8D6D-C313FB501523",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:net-snmp:net_snmp:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7B44A0D4-3020-414B-81D7-679E8441E182",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:10.0:unkown:x86:*:*:*:*:*",
"matchCriteriaId": "B76A8BD4-E53F-49A6-946B-6E672DD0419C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ace_10_6504_bundle_with_4_gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C6B46B-13E2-4DA4-9EF2-007893034269",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_10_6509_bundle_with_8_gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C501EB-CF9F-437D-A7C0-2A12F1D5E171",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_10_service_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "538FE81A-2FD9-4A7C-AEC7-8FCE98DADBE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_6504_bundle_with__4gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15D3471D-6267-4481-8BBD-BFC106E8F30B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_6509_bundle_with_8gbps_throughput:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13FB3C8A-87D3-4601-BD97-2B9F9FA8CA47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_20_service_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0292228-80D8-4BA4-8662-698D7003D7D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFD21CF-CC38-477F-A78B-10CFEFF81E0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "522C9080-86A6-40A8-905C-73187DAF83F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1B7A18-F230-44D4-801E-8284085CA1DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9120:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E62CC4C-89A7-4594-BDD8-394211889220",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9124:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E152F995-BCD2-4725-A47C-1A5E7D6B9005",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9134:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51E38404-ED69-4B0E-A035-2AF5E0649CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:mds_9140:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90F0A06-A634-4BD0-A477-90BD3384B7D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "346E0D1B-CF9E-48BC-AE7A-F8CEF09F6741",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0123D2ED-3983-45D3-B54A-3E75FCE99C6D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "66CA6C29-1DF1-46E3-BDCA-9ED72D3E6731",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E50E974E-87F5-45A2-88BA-B1E4913E3DAD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AB25CC-BB96-4675-98D7-C5FF30C24014",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7C95AD-3D5F-458B-A761-5D7779FEA327",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E4A3F6-5D89-47D0-84AD-601682399D8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C700A36D-5FB4-475D-BE85-74511830870A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02060365-1D67-4611-8D79-B9FC354EBF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "194BD880-F672-4492-8356-B14C8DA8C2DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D769FC-3081-48F8-BBF1-3964F3F8B569",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A966DB26-8A52-4F4D-9C0E-8A8719A195AE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6675DF0-963A-4091-9786-7CE3337EE47E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77A94931-8584-4021-A5BB-83FF22D54955",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F06FB120-9BB3-4363-B2A2-A3475993FDFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8229DE3A-B9CB-44FF-8409-51E09DDED479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1AAD7A89-294A-45DA-B5F5-C69F7FCC4A5E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2699E7A6-7B3A-4C4C-9472-B8B6B547624D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D913348F-351C-4D78-A0AA-27B355D52235",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E88A46-CEC7-46D5-9697-232E18531FD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F16B8D0-81F5-4ECE-8276-EC30DDCCE1A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECFBAFE-9267-469A-A97F-F716969B247C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "48F839C7-7B33-4BF6-9ACF-76F32F5D7C72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1559E6-E7B6-4B5B-8841-CF502E05BA46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F041246F-5B7F-4F63-9E81-02465C9062C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB78013-DEE9-438E-ABD1-5E3D932177BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D77447C3-AA72-4CAB-A0B1-0883D41AD064",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "473038C0-1644-4FF2-A1DA-BCB8A7CD1CA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3F04F-7581-4DCA-970D-9FCBB56EA724",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABF04A7-8230-4AB9-8D66-DF1463037823",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC205E36-7027-4A9B-8574-9BB9C68007A5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69C55DD7-986A-4AB6-8F61-5A5D26531011",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84DDD7E4-D5D7-4341-9482-2B918306578D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "14A3C59C-6A3D-477B-B425-1C085D6951E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "31AA57F4-5023-4333-9F19-C9D362E8E495",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "063034FF-0AB8-4D78-9822-0DCA9657C853",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67477EC7-363E-45B5-BA53-1A4E9FB20CDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78E11F95-E635-465C-BD7F-5F7E9192DEAC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74F145F0-573E-4CBC-AB69-3B77D6F9A540",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49DA7D86-8845-43CA-80DC-3D794322CB28",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ABD34FEB-7956-44AE-A510-2E5F9EF61651",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEF5098-3791-4CEB-A436-2809A4385D27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D895880-FB98-4472-A164-458CE086F339",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D7912AA3-0469-479E-9C5A-53F20E504956",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8677C6C8-39CA-492A-A196-9DFAF892120C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51FA6F2A-8444-4BB2-B7F2-B97AEFFF9E27",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60E46CAD-0032-4CD6-AA2A-871E1DFC3A35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22CE55DE-00CA-4F87-9CA0-80A360E332FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63DC81FA-A6B4-41DC-8097-8944D06A2451",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB87853E-CAFF-48D8-9C56-A2DE325235D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "61E35451-BEE3-412A-8706-5522C00BE1DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E599E0CE-CCB7-4A30-8AA9-45BBC11AFEC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F45326B3-CC4E-4C3A-9819-28936A0432F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBF1A78-7190-4326-84BD-C18CC354DA38",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D97FFBA0-2E80-40EF-A4AC-F26D3490371E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A442F5B-5A1A-4CD0-B693-851FFB917E5D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "074BCB70-AD66-4141-9DD3-9DE73BDCB0F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "646BF70F-CB7B-48E3-8563-E089E1CECD11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD34A7B-508C-45F2-8725-FE42398D3652",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2785732-A5C7-434E-B45D-13138B574F45",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "989A4E8A-F23D-4BF5-B860-FB7B04A1CE56",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A07E1241-24BE-48D3-B737-56B2AAA3AF64",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB751FD-CCCA-4131-A24F-65DEF1128B26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:session_and_resource_control:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D106F4E4-4B41-4002-8C34-6A9C3A0FF640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:session_and_resource_control:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "863583DC-DD93-46DC-BA06-0B838CDB2565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:src_pe:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D50E1B4-A64E-45D5-8A44-947DE7B8AAD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:juniper:src_pe:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5F1A8F-5ED9-4ED0-A336-A0E4A439E6F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte."
},
{
"lang": "es",
"value": "Una comprobaci\u00f3n SNMPv3 HMAC en (1) Net-SNMP versi\u00f3n 5.2.x anterior a 5.2.4.1, versi\u00f3n 5.3.x anterior a 5.3.2.1 y versi\u00f3n 5.4.x anterior a 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) C-series versi\u00f3n 1.0.0 hasta 2.0.0 de Juniper Session and Resource Control (SRC); (5) Data de NetApp (tambi\u00e9n se conoce como Network Appliance) ONTAP versiones 7.3RC1 y 7.3RC2; (6) SNMP Research versi\u00f3n anterior a 16.2; (7) m\u00faltiples productos Cisco IOS, CatOS, ACE y Nexus; (8) Ingate Firewall versi\u00f3n 3.1.0 y posterior y SIParator versi\u00f3n 3.1.0 y posterior; (9) HP OpenView SNMP Emanate Master Agent versi\u00f3n 15.x; y posiblemente otros productos dependen del cliente para especificar la longitud del HMAC, lo que facilita que los atacantes remotos omitan la autenticaci\u00f3n SNMP por medio de un valor de longitud de 1, que solo comprueba el primer byte."
}
],
"id": "CVE-2008-0960",
"lastModified": "2024-11-21T00:43:19.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-10T18:32:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"source": "cret@cert.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "cret@cert.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "cret@cert.org",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30574"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30596"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/30612"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30615"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30626"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30647"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30648"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30665"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30802"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31334"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31351"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31467"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31568"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32664"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33003"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/35463"
},
{
"source": "cret@cert.org",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/securityalert/3933"
},
{
"source": "cret@cert.org",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"source": "cret@cert.org",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"source": "cret@cert.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"source": "cret@cert.org",
"url": "http://support.apple.com/kb/HT2163"
},
{
"source": "cret@cert.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"source": "cret@cert.org",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"source": "cret@cert.org",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"source": "cret@cert.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"source": "cret@cert.org",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"source": "cret@cert.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.ingate.com/pipermail/productinfo/2008/000021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127730470825399\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2008-0528.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30596"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30648"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200808-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/forum/forum.php?forum_id=833770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1989089\u0026group_id=12694\u0026atid=456380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238865-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT2163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-282.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080610-snmpv3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/878044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/CTAR-7FBS8Q"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS5Z"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MIMG-7ETS87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ocert.org/advisories/ocert-2008-006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/06/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0529.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/493218/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497962/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/29623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-685-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1787/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1788/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1797/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1800/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1801/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1836/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1981/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2971"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/5790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00363.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00380.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00459.html"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-22 00:03
Modified
2024-11-21 00:04
Severity ?
Summary
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_firewall | 3.2 | |
| ingate | ingate_firewall | 3.2.1 | |
| ingate | ingate_firewall | 3.3.1 | |
| ingate | ingate_firewall | 4.1.3 | |
| ingate | siparator | * | |
| ingate | siparator | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A62177-AABD-4770-A51F-6C30F7D90AB2",
"versionEndIncluding": "4.3.3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "367F6F04-0E45-4EED-AB36-D8D1E993D29B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8229DE3A-B9CB-44FF-8409-51E09DDED479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2699E7A6-7B3A-4C4C-9472-B8B6B547624D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E88A46-CEC7-46D5-9697-232E18531FD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA371916-6FC8-4CF9-8A9F-0B079A33E70D",
"versionEndIncluding": "4.3.3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:siparator:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3A3E34-3BCF-4FE7-A984-D83BCFE139F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
],
"id": "CVE-2005-4464",
"lastModified": "2024-11-21T00:04:19.357",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-22T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18138"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-434.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-434.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/3011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of \"administrators with less privileges,\" which might allow attackers to read these passwords via unknown vectors."
},
{
"lang": "es",
"value": "Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0 usan almacenamiento en texto claro para las contrase\u00f1as de \"administradores con privilegios menores\", lo cual podr\u00eda permitir a atacantes leer estas contrase\u00f1as a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2007-6096",
"lastModified": "2024-11-21T00:39:21.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42171"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cert.org/advisories/CA-2003-06.html | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ | Exploit | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/528719 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/6904 | Patch | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/11379 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2003-06.html | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/528719 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6904 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/11379 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFD8014-A25B-4707-B81F-09A5F98909DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7A9308D-6A9A-4855-8ED8-F177732F972C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite."
}
],
"id": "CVE-2003-1112",
"lastModified": "2024-11-20T23:46:22.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-06.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/528719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/6904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11379"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is \"much more than expected.\""
},
{
"lang": "es",
"value": "La implementaci\u00f3n SRTP en Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del n\u00facleo) mediante un \u00edndice RTCP que es \"mucho m\u00e1s de lo esperado\"."
}
],
"id": "CVE-2007-6093",
"lastModified": "2024-11-21T00:39:20.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42174"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users."
},
{
"lang": "es",
"value": "El componente SIP en Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0, cuando se emplea el NAT Transversal Remoto, no lleva adecuadamente a cabo el registro de usuarios ni la distribuci\u00f3n de mensajes, lo cual podr\u00eda permitir a usuarios remotos autenticados recibir mensajes destinados a otros usuarios."
}
],
"id": "CVE-2007-6095",
"lastModified": "2024-11-21T00:39:20.903",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42172"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are \"incorrectly accepted.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n ICMP de Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0 tiene impacto y vectores de ataque remotos desconocidos, relacionados con paquetes ICMP que son \"aceptados incorrectamente\"."
}
],
"id": "CVE-2007-6097",
"lastModified": "2024-11-21T00:39:21.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS)."
},
{
"lang": "es",
"value": "El m\u00f3dulo IPsec en el componente VPN de Ingate Firewall anterior a 4.6.0 y SIParator anteriora 4.6.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del m\u00f3dulo) mediante una proposici\u00f3n IPsec Phase 2 a la que le falta el Perfect Forward Secrecy (PFS)."
}
],
"id": "CVE-2007-6094",
"lastModified": "2024-11-21T00:39:20.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/42173"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-09 10:02
Modified
2024-11-21 00:12
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_firewall | 4.3.1 | |
| ingate | siparator | * | |
| ingate | siparator | 4.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85077F8-D213-4942-9B02-69BC9465FCAD",
"versionEndIncluding": "4.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1559E6-E7B6-4B5B-8841-CF502E05BA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37F083E1-9FA4-4A5A-BBAD-3C422E930752",
"versionEndIncluding": "4.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:siparator:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46C98D55-9DB1-47EC-9734-BBE8E892B4EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
],
"id": "CVE-2006-2925",
"lastModified": "2024-11-21T00:12:25.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-09T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-11 22:30
Modified
2024-11-21 00:32
Severity ?
Summary
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23F18CD-E827-4D66-BE1B-DF96FA8FB97C",
"versionEndIncluding": "4.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "381861E4-1009-4AEB-BD3D-9509784F0D05",
"versionEndIncluding": "4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter."
},
{
"lang": "es",
"value": "Ingate Firewall y SIParator anterior a 4.5.2 permite a atacantes remotos evitar la validaci\u00f3n SIP a trav\u00e9s de ciertos par\u00e1metros maddr."
}
],
"evaluatorSolution": "The vendor has addressed this issue through the release of a product upgrade: http://www.ingate.com/upgrades.php",
"id": "CVE-2007-3177",
"lastModified": "2024-11-21T00:32:35.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-11T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36708"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25420"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | 3.2 | |
| ingate | ingate_firewall | 3.2.1 | |
| ingate | ingate_firewall | 3.3.1 | |
| ingate | ingate_firewall | 4.1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "367F6F04-0E45-4EED-AB36-D8D1E993D29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8229DE3A-B9CB-44FF-8409-51E09DDED479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2699E7A6-7B3A-4C4C-9472-B8B6B547624D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E88A46-CEC7-46D5-9697-232E18531FD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources."
}
],
"id": "CVE-2005-0311",
"lastModified": "2024-11-20T23:54:51.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110684375429946\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14060"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013022"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-422.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12383"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110684375429946\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-422.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19123"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave \"media pinholes\" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0 podr\u00eda dejar \"poros de medios\" (media pinholes) abiertos tras un reinicio del m\u00f3dulo SIP, lo cual podr\u00eda facilitar a los atacantes remotos el llevar a cabo actividades no autorizadas."
}
],
"id": "CVE-2007-6099",
"lastModified": "2024-11-21T00:39:21.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-22 00:46
Modified
2024-11-21 00:39
Severity ?
Summary
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCD0134-18A5-4C85-B6D3-6E66A8983C43",
"versionEndIncluding": "4.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "598B6EC9-AF61-4C65-AE23-FC8F42CE64B1",
"versionEndIncluding": "4.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection."
},
{
"lang": "es",
"value": "Ingate Firewall anterior a 4.6.0 y SIParator anterior a 4.6.0 no registra paquetes truncados (1) ICMP, (2) UDP, y (3) TCP, lo cual tiene impacto y vectores de ataque desconocidos; y tampoco registra (4) intentos de inicio de sesi\u00f3n por consola de usuarios no existentes, lo cual podr\u00eda facilitar a los atacantes con acceso f\u00edsico adivinar credenciales v\u00e1lidas de inicio de sesi\u00f3n evitando ser detectados."
}
],
"id": "CVE-2007-6098",
"lastModified": "2024-11-21T00:39:21.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-22T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-460.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26486"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-09 10:02
Modified
2024-11-21 00:12
Severity ?
Summary
Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_firewall | 4.3.4 | |
| ingate | ingate_siparator | * | |
| ingate | ingate_siparator | 4.3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF3C101-6223-458C-8D07-4D2326AE071C",
"versionEndIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC13E68-0A17-466B-91A0-8BC41F6F85A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D58CA9DC-48C1-4075-9C59-1422ED4C4CC0",
"versionEndIncluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A442F5B-5A1A-4CD0-B693-851FFB917E5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake."
}
],
"id": "CVE-2006-2924",
"lastModified": "2024-11-21T00:12:24.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-09T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18318"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26977"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-11 22:30
Modified
2024-11-21 00:32
Severity ?
Summary
Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_siparator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23F18CD-E827-4D66-BE1B-DF96FA8FB97C",
"versionEndIncluding": "4.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "381861E4-1009-4AEB-BD3D-9509784F0D05",
"versionEndIncluding": "4.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Ingate Firewall y SIParator anterior a 4.5.2 permite a usuarios remotos validados sin tener todos los privilegios, descargar un informe de soporte (Support Report)."
}
],
"id": "CVE-2007-3176",
"lastModified": "2024-11-21T00:32:35.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-06-11T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36707"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25420"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-452.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34885"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}