Search criteria
44 vulnerabilities found for wingate by qbik
VAR-202006-0499
Vulnerability from variot - Updated: 2023-12-18 13:42WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. WinGate There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qbik IP Management WinGate is an integrated multi-protocol proxy server for New Zealand Qbik IP Management. The product also supports functions such as e-mail servers and Internet gateways.
Qbik IP Management WinGate version 9.4.1.5998 has a security vulnerability, which is caused by the program assigning unsafe permissions to the installation directory. Local attackers can use this vulnerability to gain permission
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202006-0499",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wingate",
"scope": "eq",
"trust": 1.8,
"vendor": "qbik",
"version": "9.4.1.5998"
},
{
"model": "ip management wingate",
"scope": "eq",
"trust": 0.6,
"vendor": "qbik",
"version": "9.4.1.5998"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:9.4.1.5998:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-13866"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "hyp3rlinx",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
],
"trust": 0.6
},
"cve": "CVE-2020-13866",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-006303",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2020-36616",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-006303",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-13866",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-006303",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-36616",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202006-568",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse. WinGate There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Qbik IP Management WinGate is an integrated multi-protocol proxy server for New Zealand Qbik IP Management. The product also supports functions such as e-mail servers and Internet gateways. \n\r\n\r\nQbik IP Management WinGate version 9.4.1.5998 has a security vulnerability, which is caused by the program assigning unsafe permissions to the installation directory. Local attackers can use this vulnerability to gain permission",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "CNVD",
"id": "CNVD-2020-36616"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "PACKETSTORM",
"id": "157958",
"trust": 3.0
},
{
"db": "NVD",
"id": "CVE-2020-13866",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2020-36616",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47335",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "48573",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202006-568",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"id": "VAR-202006-0499",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
}
]
},
"last_update_date": "2023-12-18T13:42:54.371000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.wingate.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "CWE-276",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://packetstormsecurity.com/files/157958/wingate-9.4.1.5998-insecure-permissions-privilege-escalation.html"
},
{
"trust": 1.6,
"url": "http://hyp3rlinx.altervista.org/advisories/wingate-insecure-permissions-local-privilege-escalation.txt"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2020/jun/11"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13866"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-13866"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/48573"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47335"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"date": "2020-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"date": "2020-06-08T16:15:10.117000",
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"date": "2020-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-07-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-36616"
},
{
"date": "2020-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-006303"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-13866"
},
{
"date": "2020-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WinGate Vulnerability regarding improper default permissions in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-006303"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202006-568"
}
],
"trust": 0.6
}
}
VAR-200412-0018
Vulnerability from variot - Updated: 2023-12-18 12:13Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. [CERT/CC VU#887766 See also ] DNS A vulnerability in the protocol implementation has been identified. Depending on the implementation, between servers Query - response A storm may occur. Also, localhost UDP 53 Port is From If a query with is sent, the server may continue to respond to the server itself and resources may be exhausted.Denial of service (denial-of-service, DoS) You can be attacked. Multiple DNS vendors are reported susceptible to a denial of service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "delegate",
"scope": "eq",
"trust": 1.9,
"vendor": "delegate",
"version": "8.9.5"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.3,
"vendor": "qbik",
"version": "4.0.1"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.3,
"vendor": "qbik",
"version": "3.0"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.60.1"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.60.0"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.9"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.8"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.7"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.6"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.5"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.3,
"vendor": "posadis",
"version": "0.50.4"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.8.05"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.31"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.30"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.29"
},
{
"model": "maradns",
"scope": "eq",
"trust": 1.3,
"vendor": "maradns",
"version": "0.5.28"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.10"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.9"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.8"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.7"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.6"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.5"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "2.0"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.4"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.3"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.2"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.1"
},
{
"model": "dnrd",
"scope": "eq",
"trust": 1.3,
"vendor": "dnrd",
"version": "1.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.9"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.5.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.4.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.4"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "8.3.3"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.9.11"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.2"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.8.0"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.1"
},
{
"model": "delegate",
"scope": "eq",
"trust": 1.3,
"vendor": "delegate",
"version": "7.7.0"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "raidendnsd",
"scope": "eq",
"trust": 1.0,
"vendor": "team johnlong",
"version": "*"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2460 network dvr",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.0"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.0,
"vendor": "posadis",
"version": "m5pre2"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.10.0"
},
{
"model": "2400 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.11"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.01"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.30"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.7"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.03"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "dns server",
"scope": "eq",
"trust": 1.0,
"vendor": "pliant",
"version": "*"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "4.1_beta_a"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.02"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.9"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.31"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.40"
},
{
"model": "2400 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.6"
},
{
"model": "mydns",
"scope": "eq",
"trust": 1.0,
"vendor": "don moore",
"version": "0.8"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.12"
},
{
"model": "2120 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.34"
},
{
"model": "2401 video server",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "3.12"
},
{
"model": "posadis",
"scope": "eq",
"trust": 1.0,
"vendor": "posadis",
"version": "m5pre1"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.32"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0.1_build_995"
},
{
"model": "wingate",
"scope": "eq",
"trust": 1.0,
"vendor": "qbik",
"version": "6.0.1_build_993"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2100 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.33"
},
{
"model": "2110 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.41"
},
{
"model": "2420 network camera",
"scope": "eq",
"trust": 1.0,
"vendor": "axis",
"version": "2.33"
},
{
"model": "",
"scope": null,
"trust": 0.8,
"vendor": "multiple vendors",
"version": null
},
{
"model": "johnlong raidendnsd",
"scope": null,
"trust": 0.3,
"vendor": "team",
"version": null
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1995"
},
{
"model": "wingate build",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.1993"
},
{
"model": "wingate",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.0"
},
{
"model": "wingate beta a",
"scope": "eq",
"trust": 0.3,
"vendor": "qbik",
"version": "4.1"
},
{
"model": "m5pre2",
"scope": null,
"trust": 0.3,
"vendor": "posadis",
"version": null
},
{
"model": "m5pre1",
"scope": null,
"trust": 0.3,
"vendor": "posadis",
"version": null
},
{
"model": "dns server",
"scope": null,
"trust": 0.3,
"vendor": "pliant",
"version": null
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.10.0"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.9x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.8x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.7x"
},
{
"model": "moore mydns",
"scope": "eq",
"trust": 0.3,
"vendor": "don",
"version": "0.6x"
},
{
"model": "communications digital video recorder",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24603.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.33"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "24202.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2401+3.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.12"
},
{
"model": "communications video server",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.11"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21202.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21102.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.41"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.40"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.34"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.33"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.32"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.31"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.30"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.12"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.03"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.02"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.01"
},
{
"model": "communications network camera",
"scope": "eq",
"trust": 0.3,
"vendor": "axis",
"version": "21002.0"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.31005"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21001"
},
{
"model": "wingate build",
"scope": "ne",
"trust": 0.3,
"vendor": "qbik",
"version": "6.0.21000"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.5"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.4"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.3"
},
{
"model": "posadis",
"scope": "ne",
"trust": 0.3,
"vendor": "posadis",
"version": "0.60.2"
},
{
"model": "quickdns server",
"scope": "ne",
"trust": 0.3,
"vendor": "men mice",
"version": "3.5.2"
},
{
"model": "quickdns server",
"scope": "ne",
"trust": 0.3,
"vendor": "men mice",
"version": "2.2.3"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "1.0.23"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.9.01"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.9.00"
},
{
"model": "maradns",
"scope": "ne",
"trust": 0.3,
"vendor": "maradns",
"version": "0.8.99"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.0.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.0"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.6"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.3.0"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.6"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.4"
},
{
"model": "bind beta",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.3"
},
{
"model": "bind p7",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p6",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p5",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p4",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p3",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "8.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.11"
},
{
"model": "bind ow2",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.10"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.10"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.9"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.8"
},
{
"model": "bind -t1b",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.7"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.6"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.5"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.5"
},
{
"model": "bind p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.4"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9.2"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.9"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.3"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.2.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8.1"
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "4.8"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.11.0"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.4"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.3"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.2"
},
{
"model": "moore mydns",
"scope": "ne",
"trust": 0.3,
"vendor": "don",
"version": "0.10.1"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.17.1"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.17"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.16"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.15"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.14"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.13"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.12"
},
{
"model": "dnrd",
"scope": "ne",
"trust": 0.3,
"vendor": "dnrd",
"version": "2.11"
},
{
"model": "delegate",
"scope": "ne",
"trust": 0.3,
"vendor": "delegate",
"version": "8.9.6"
},
{
"model": "communications digital video recorder",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "24603.13"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "24202.42"
},
{
"model": "communications video server",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "2401+3.13"
},
{
"model": "communications video server",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "2400+3.13"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21202.42"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21102.42"
},
{
"model": "communications network camera",
"scope": "ne",
"trust": 0.3,
"vendor": "axis",
"version": "21002.42"
}
],
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:don_moore:mydns:0.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:maradns:maradns:0.5.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:don_moore:mydns:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:don_moore:mydns:0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pliant:pliant_dns_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:m5pre1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:m5pre2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:team_johnlong:raidendnsd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:maradns:maradns:0.5.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:maradns:maradns:0.5.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.50.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:4.1_beta_a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:dnrd:dnrd:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:don_moore:mydns:0.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:don_moore:mydns:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:maradns:maradns:0.5.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:maradns:maradns:0.8.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.60.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:posadis:posadis:0.60.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:6.0.1_build_993:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:qbik:wingate:6.0.1_build_995:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2400_video_server:3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2401_video_server:3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2460_network_dvr:3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2400_video_server:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2100_network_camera:2.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2110_network_camera:2.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2120_network_camera:2.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:axis:2420_network_camera:2.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roy Arends and Jakob Schlyter are credited on the NISCC advisory. The original discoverer of this vulnerability is unknown at this time.",
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.9
},
"cve": "CVE-2004-0789",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2004-0789",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-9219",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0789",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-718",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9219",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. [CERT/CC VU#887766 See also ] DNS A vulnerability in the protocol implementation has been identified. Depending on the implementation, between servers Query - response A storm may occur. Also, localhost UDP 53 Port is From If a query with is sent, the server may continue to respond to the server itself and resources may be exhausted.Denial of service (denial-of-service, DoS) You can be attacked. Multiple DNS vendors are reported susceptible to a denial of service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "VULHUB",
"id": "VHN-9219"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0789",
"trust": 2.8
},
{
"db": "BID",
"id": "11642",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "13145",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1012157",
"trust": 1.1
},
{
"db": "XF",
"id": "17996",
"trust": 0.8
},
{
"db": "XF",
"id": "17997",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-9219",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"id": "VAR-200412-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:13:45.102000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/11642"
},
{
"trust": 1.1,
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"trust": 1.1,
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"trust": 1.1,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"trust": 1.1,
"url": "http://securitytracker.com/id?1012157"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/13145"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0789"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/17997"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/17996"
},
{
"trust": 0.8,
"url": "http://jvn.jp/niscc/niscc-758884/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2004-0789"
},
{
"trust": 0.3,
"url": "http://www.se.axis.com/techsup/cdsrv/storpoint_cd/index.html"
},
{
"trust": 0.3,
"url": "http://www.delegate.org/delegate/"
},
{
"trust": 0.3,
"url": "http://www.delegate.org/mail-lists/delegate-en/2753"
},
{
"trust": 0.3,
"url": "http://www.maradns.org/"
},
{
"trust": 0.3,
"url": "http://mydns.bboy.net/"
},
{
"trust": 0.3,
"url": "http://mydns.bboy.net/download/changelog.html"
},
{
"trust": 0.3,
"url": "http://www.axis.com/products/camera_servers/index.htm"
},
{
"trust": 0.3,
"url": "http://www.uniras.gov.uk/vuls/2004/758884/index.htm"
},
{
"trust": 0.3,
"url": "http://pliant.cx/pliant/protocol/dns/"
},
{
"trust": 0.3,
"url": "http://posadis.sourceforge.net/"
},
{
"trust": 0.3,
"url": "http://www.posadis.org/security/pos_adv_006.txt"
},
{
"trust": 0.3,
"url": "http://wingate.deerfield.com"
},
{
"trust": 0.3,
"url": "/archive/1/381612"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9219"
},
{
"db": "BID",
"id": "11642"
},
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-9219"
},
{
"date": "2004-11-09T00:00:00",
"db": "BID",
"id": "11642"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9219"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11642"
},
{
"date": "2009-04-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2004-000608"
},
{
"date": "2017-07-11T01:30:28.667000",
"db": "NVD",
"id": "CVE-2004-0789"
},
{
"date": "2006-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "DNS Vulnerability in protocol implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2004-000608"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "11642"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-718"
}
],
"trust": 0.9
}
}
FKIE_CVE-2020-13866
Vulnerability from fkie_nvd - Published: 2020-06-08 16:15 - Updated: 2024-11-21 05:02
Severity ?
Summary
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:9.4.1.5998:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C3B70E-196D-462E-B0C7-40283F10A113",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse."
},
{
"lang": "es",
"value": "WinGate versi\u00f3n v9.4.1.5998, presenta permisos no seguros para el directorio de instalaci\u00f3n, lo que permite a usuarios locales alcanzar privilegios mediante el reemplazo de un archivo ejecutable con uno de tipo caballo de Troya"
}
],
"id": "CVE-2020-13866",
"lastModified": "2024-11-21T05:02:02.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-08T16:15:10.117",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-0802
Vulnerability from fkie_nvd - Published: 2009-03-04 16:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.kb.cert.org/vuls/id/435052 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/33858 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/435052 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/33858 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qbik | wingate | 6.0.0 | |
| qbik | wingate | 6.0.1_build_993 | |
| qbik | wingate | 6.0.1_build_995 | |
| qbik | wingate | 6.0.2_build_1000 | |
| qbik | wingate | 6.0.2_build_1001 | |
| qbik | wingate | 6.0.3_build_1005 | |
| qbik | wingate | 6.1 | |
| qbik | wingate | 6.1.1.1077 | |
| qbik | wingate | 6.1.2 | |
| qbik | wingate | 6.1.3 | |
| qbik | wingate | 6.1.4 | |
| qbik | wingate | 6.2 | |
| qbik | wingate | 6.2.1 | |
| qbik | wingate | 6.2.2 | |
| qbik | wingate | 6.5.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F7F7D9-7886-4C2E-8A79-3EAC9DF63474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_993:*:*:*:*:*:*:*",
"matchCriteriaId": "82CD8E2B-37BF-4989-ABF3-9EC8E6F1C079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_995:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCFB397-9F5F-42F8-ABB3-9700F100D43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.2_build_1000:*:*:*:*:*:*:*",
"matchCriteriaId": "00348CE9-7290-42D8-B727-47B06D98D8AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.2_build_1001:*:*:*:*:*:*:*",
"matchCriteriaId": "78495313-FD35-44C9-92B9-65EFAE0F9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.3_build_1005:*:*:*:*:*:*:*",
"matchCriteriaId": "60B349F8-DE32-47AF-8110-8509ACB7164E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC35C61-DF0B-4E37-AB6E-8316BB6D9A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.1.1077:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDF759C-0AAE-4760-B829-13F055AD290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05317F4B-C1D7-435A-BEB3-AD4DF60A05C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B0013128-2173-426A-9E41-1D5DB642BF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F3CDE-1931-4BD9-9ABD-F07543DAC113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB5F0B2-42F0-4FDE-901F-6597E8C67986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1E8C06-4E84-4FB8-A513-D8ACC1146BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87271BFA-34F6-41D6-A92B-F8E1EF49AC80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A41232E5-3586-4CED-8070-7C004C06E62E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
},
{
"lang": "es",
"value": "Qbik WinGate, cuando el modo de intercepci\u00f3n transparente esta activado, utiliza una cabecera de Host HTTP para determinar un punto final remoto, lo que permite a atacantes remotos evitar el control de acceso para Flash, Java, Silverlight y probablemente otras tecnolog\u00edas, y posiblemente comunicar con sitios restringidos de redes internas a trav\u00e9s de una pagina web manipulada que causa que el cliente env\u00ede peticiones HTTP con una cabecera host modificada."
}
],
"id": "CVE-2009-0802",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-04T16:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33858"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-3606
Vulnerability from fkie_nvd - Published: 2008-08-12 19:41 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| qbik | wingate | * | |
| qbik | wingate | 2.0 | |
| qbik | wingate | 2.1 | |
| qbik | wingate | 3.0 | |
| qbik | wingate | 3.0.5 | |
| qbik | wingate | 4.0.1 | |
| qbik | wingate | 4.1 | |
| qbik | wingate | 4.1.0 | |
| qbik | wingate | 4.1.1 | |
| qbik | wingate | 4.2.0 | |
| qbik | wingate | 4.3.0 | |
| qbik | wingate | 4.3.0 | |
| qbik | wingate | 4.3.0 | |
| qbik | wingate | 4.4.0 | |
| qbik | wingate | 4.4.0 | |
| qbik | wingate | 4.4.1 | |
| qbik | wingate | 4.4.2 | |
| qbik | wingate | 4.5.0 | |
| qbik | wingate | 4.5.0 | |
| qbik | wingate | 4.5.1 | |
| qbik | wingate | 4.5.2 | |
| qbik | wingate | 5.0 | |
| qbik | wingate | 5.0.0 | |
| qbik | wingate | 5.0.1 | |
| qbik | wingate | 5.0.1.766 | |
| qbik | wingate | 5.0.5 | |
| qbik | wingate | 5.1 | |
| qbik | wingate | 5.2 | |
| qbik | wingate | 5.2.2 | |
| qbik | wingate | 5.2.3 | |
| qbik | wingate | 6.0 | |
| qbik | wingate | 6.0.0.984 | |
| qbik | wingate | 6.0.1.993 | |
| qbik | wingate | 6.0.1.995 | |
| qbik | wingate | 6.0.2.1000 | |
| qbik | wingate | 6.0.2.1001 | |
| qbik | wingate | 6.0.3.1005 | |
| qbik | wingate | 6.0.4.1025 | |
| qbik | wingate | 6.1.1.1077 | |
| qbik | wingate | 6.1.2.1094 | |
| qbik | wingate | 6.1.3.1096 | |
| qbik | wingate | 6.1.4 | |
| qbik | wingate | 6.2.1 | |
| qbik | wingate | 6.2.2.1137 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D592FD10-CC88-46CD-A726-EEC5191DE725",
"versionEndIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B534B6E-B856-4E7F-A8E0-582637EE6B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA8E8CEE-E78A-46D5-B73D-C75CC8D088B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7BC4C8-FB7B-4A88-B97B-984D9AA8EA1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "87714896-157D-4343-A94F-C8CCAD285EEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1D98E1-EBE1-4697-906F-E29C91D9074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.1:beta_a:*:*:*:*:*:*",
"matchCriteriaId": "077D0405-5288-40A6-81A8-A8C4D924723D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE28B657-21EE-4F2E-8D1F-34D4E2642BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB73A60-062E-4A0B-B600-E1B4D613FE28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0BB2B5-9E9A-42FC-87A4-0BAD1F39C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AA75B20B-3510-4CF9-A74B-BA21D5527EE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.3.0:beta_a:*:*:*:*:*:*",
"matchCriteriaId": "F54C4B69-397F-4322-A1AD-11AF2C7F5F67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.3.0:beta_b:*:*:*:*:*:*",
"matchCriteriaId": "076063FF-B1D2-471D-ACDD-0AF3BA328069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B1AE22-2A99-4F4B-AAF6-6CBF35FEAEE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.4.0:beta_a:*:*:*:*:*:*",
"matchCriteriaId": "57726A67-AFC8-44E0-88D7-CA1C1DFA7C81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49897B9F-9A10-4034-B617-1B82405FB1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8109BA-2FFF-4642-AD15-FA11CD3088AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.5.0:beta_a:*:*:*:*:*:*",
"matchCriteriaId": "E56752EB-E1F5-4132-B769-33633E1B67FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.5.0:beta_b:*:*:*:*:*:*",
"matchCriteriaId": "49465E28-E5CD-4533-8A01-8BBE868F2AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "59FE243C-16F2-4C6D-BF88-FFB6CD0F29BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5A4F3B-B855-4980-93D9-347A49E68EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFAF415-0182-4F5C-A053-266AB919572F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10D7B35B-3531-4372-A338-AD8106799769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3712DA96-DD76-49E3-BA79-30105725DBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.1.766:*:*:*:*:*:*:*",
"matchCriteriaId": "F912B8D6-B915-43A7-8462-F521D44DBD1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A0AE5B-B449-4494-828E-2FD7414F6FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "109DF494-0194-473B-AF79-185D41202A8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39B77B55-54BB-43D5-A0E9-13F20F7544F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36B7A6B3-8C54-4743-8C42-6B22E9AD719B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E328107F-F19D-427D-A88A-17DCB58A459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F0670C-C07E-4A84-952B-88200D2D9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.0.984:*:*:*:*:*:*:*",
"matchCriteriaId": "E8E6305C-F87B-4DF1-94D7-A0C63EE11E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1.993:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE5BB2B-F9CB-4CDA-9CC9-C6EF5A1FF59F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1.995:*:*:*:*:*:*:*",
"matchCriteriaId": "A480A0D4-D675-4078-8F30-CD3772818303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.2.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B03DEA-B780-404E-B940-82A7086062C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.2.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "B5CA5961-6BAC-4BE8-95A4-DBEB0596262E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.3.1005:*:*:*:*:*:*:*",
"matchCriteriaId": "ED850FD8-151C-49E7-9DF4-16B88341269B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.4.1025:*:*:*:*:*:*:*",
"matchCriteriaId": "A406438F-7E92-4579-A32B-3E3E1C4FF8E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.1.1077:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDF759C-0AAE-4760-B829-13F055AD290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.2.1094:*:*:*:*:*:*:*",
"matchCriteriaId": "982DE691-B50E-49B2-B4DF-EC518DFFCE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.3.1096:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8EFCA3-2453-4272-9692-22598676DFC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F3CDE-1931-4BD9-9ABD-F07543DAC113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C1E8C06-4E84-4FB8-A513-D8ACC1146BEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.2.2.1137:*:*:*:*:*:*:*",
"matchCriteriaId": "0C45F717-AC74-4F81-947B-0745A7F1883F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en en el servicio IMAP en Qbik WinGate 6.2.2.1137 y anteriores, permiten a atacantes remotos autenticados provocar una denegaci\u00f3n de servicio (agotamiento de recursos) o posiblemente, ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s de un argumento largo en el comando LIST. NOTA: algunos de estos detalles se han obtenido a partir de informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-3606",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-08-12T19:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31442"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020644"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-4335
Vulnerability from fkie_nvd - Published: 2007-08-14 18:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E07CB259-6976-4537-8EA4-5CC19B985725",
"versionEndIncluding": "6.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFAF415-0182-4F5C-A053-266AB919572F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F0670C-C07E-4A84-952B-88200D2D9B14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en el componente servidor SMTP de Qbik WinGate 5.x y 6.x anterior a 6.2.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante especificadores de cadena de formato en determinados comandos inesperados, lo cual dispara una ca\u00edda durante el registro de errores."
}
],
"id": "CVE-2007-4335",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-14T18:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26412"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3001"
},
{
"source": "cve@mitre.org",
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25303"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2859"
},
{
"source": "cve@mitre.org",
"url": "http://www.wingate.com/news.php?id=50"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wingate.com/news.php?id=50"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-4518
Vulnerability from fkie_nvd - Published: 2006-11-28 23:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F66135DC-C6D1-426D-8E15-4B3C1D57377E",
"versionEndIncluding": "6.1.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
},
{
"lang": "es",
"value": "Qbik WinGate 6.1.4 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) mediante una petici\u00f3n DNS con un puntero auto-referenciado a un nombre comprimido, lo cual dispara un bucle infinito."
}
],
"id": "CVE-2006-4518",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-11-28T23:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23029"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-2917
Vulnerability from fkie_nvd - Published: 2006-07-10 19:05 - Updated: 2025-04-03 01:03
Severity ?
Summary
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.2.1094:*:*:*:*:*:*:*",
"matchCriteriaId": "982DE691-B50E-49B2-B4DF-EC518DFFCE75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.3.1096:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8EFCA3-2453-4272-9692-22598676DFC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en el servidor IMAP en WinGate 6.1.2.1094 y 6.1.3.1096, y posiblemente otras versiones anteriores a 6.1.4 Build 1099, permite a usuarios autenticados leer el correo de otros usuarios, o realizar operaciones no autorizadas en los directorios, a trav\u00e9s de las ordenes 1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, y (7) LIST."
}
],
"id": "CVE-2006-2917",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-10T19:05:00.000",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20707"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.securityfocus.com/bid/18908"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.vupen.com/english/advisories/2006/2730"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://www.wingate.com/download.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wingate.com/download.php"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-2926
Vulnerability from fkie_nvd - Published: 2006-06-09 10:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:6.1.1.1077:*:*:*:*:*:*:*",
"matchCriteriaId": "9FDF759C-0AAE-4760-B829-13F055AD290C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request."
}
],
"id": "CVE-2006-2926",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-09T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20483"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016239"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18312"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2182"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0789
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F9180C95-FF6F-4A0C-9DE0-DFF6D8387698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68FA1404-9FA2-4379-96BC-6D7970C0EAA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EABEE7AB-7C45-473E-9873-0423F2249F96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F66F57-6AEB-4E3C-B148-BC7D11E1EBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "611AD3E5-708F-46BB-B21D-09598E1C4771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:7.9.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AD59AEEB-D524-4337-8962-B29863CBC889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F15245AF-B9B6-4D46-A901-A781FC0BAF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E1EB-89A5-4326-8977-9B462065C39B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD607D2-2B07-474B-A855-2C3319B42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4B4665-84C4-4129-9916-ABAC61B81FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4131A4A5-5D67-4522-9A6E-E708815B5B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8C30DD0-C957-44BA-B44C-7B424E664B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2E24A5-A864-4F42-A053-2FDA9D09A4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0993A56D-3A68-464A-B580-BE2EC3846F3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF6186E-90D1-4D22-A469-0E955D5F1EF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:delegate:delegate:8.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7323E750-C596-46FC-AA85-9271CC9C2CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7EA693-9873-4201-B66D-D0AC08E7F560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "022F8E8E-F6A1-4782-82D0-686E6FADCF44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9E269F0-8CFD-45DB-AF82-F9F57EDD0D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "752CC26D-33D2-43F1-A43B-E101553895C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "317134CF-981A-44CC-B068-BA762AED5EB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20BAB657-CAB8-4473-9EE5-5F725F2EB1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84D1387B-91E2-4AC8-B387-B50F4D7DFDC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19028501-E538-4F36-8DF7-3D2A76D86895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F7173317-9F5E-4F80-A957-02084B8DC8C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "297935D9-E108-4DB1-B4C8-2AC43DB6EA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "770BBF88-63D2-4AD6-B28F-5664DFFD746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "45B16588-35CA-4640-8FA8-BC63D91C7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA35F28-CAA5-4C03-ABB8-4647537CC8E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9DAC824F-2031-4427-BF38-C32A7644D2B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7884CCA6-2031-41DB-860D-AF18047AF617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dnrd:dnrd:2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A906D87C-5557-4FC0-BBF3-7169EF35DEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC34DC23-117A-403E-9C87-79B1C512A5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE559DF-3874-42E7-BB5B-8968E52D7A04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "11068A01-20FB-4039-8919-85CF93F0FF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9435E392-AE02-48A8-9A2D-3D1593DA3DC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:don_moore:mydns:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B3D730-15C0-494A-A0B6-231C9F370A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A917E7C9-BC1A-4D62-9A89-9D73A748D926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.29:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A01622-5254-4B3B-9412-771BE7400FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A5A98-3544-4A95-8436-0DF013B22CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.5.31:*:*:*:*:*:*:*",
"matchCriteriaId": "BECF00EC-A188-4B7F-BA51-3AAC3B4195B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maradns:maradns:0.8.05:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2370B5-681D-469F-B07C-B9212A975C60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pliant:pliant_dns_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA13B142-71F9-475E-A28A-DDE94BE0E7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1930E3DE-67BE-41F2-B8E3-BA8E18762C91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.5:*:*:*:*:*:*:*",
"matchCriteriaId": "17C7DD08-C349-4687-8FAF-CCD211A9C166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.6:*:*:*:*:*:*:*",
"matchCriteriaId": "981611C8-B957-428B-9500-37C60AE0E7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D34782A9-4CCB-45AD-BA23-EE98EE218B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1A9D2517-4EAF-4DB9-B0EE-51F65671D45F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.50.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA40391-39D5-4CB7-BB8E-048C4ECBC3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.60.0:*:*:*:*:*:*:*",
"matchCriteriaId": "135BFFE3-FF18-4462-9D19-2DF986E947DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:0.60.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD907CE8-E0CD-46AA-A9E4-3D0FA3939DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:m5pre1:*:*:*:*:*:*:*",
"matchCriteriaId": "530D1254-DC0A-4A7C-9520-D0F45B9AF278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:posadis:posadis:m5pre2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C3BF047-0339-4064-9B3B-68E96F1AB1B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7BC4C8-FB7B-4A88-B97B-984D9AA8EA1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1D98E1-EBE1-4697-906F-E29C91D9074D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:4.1_beta_a:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB1D7C0-E484-4441-AA68-FBA5A3309547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F0670C-C07E-4A84-952B-88200D2D9B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_993:*:*:*:*:*:*:*",
"matchCriteriaId": "82CD8E2B-37BF-4989-ABF3-9EC8E6F1C079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0.1_build_995:*:*:*:*:*:*:*",
"matchCriteriaId": "2CCFB397-9F5F-42F8-ABB3-9700F100D43D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:team_johnlong:raidendnsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4967B8F-D25F-4B55-842E-0C7819EDA88A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37F0C4C8-E648-4486-BFE3-23333FCFF118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "56647964-82B3-4A7A-BE0D-C252654F8CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B83A6F-1996-49B7-BA76-98B83548F289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E021E51E-EA28-4E61-A08A-A590984A483E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "94ABCB8C-8EED-4635-BA54-735CA12A1F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "38C70CE1-0116-4C91-AB59-0C0D9F17099B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "44B1C47A-938B-4F9B-B4B5-88B8622DC965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E890E332-7A3B-4B6A-91B3-7FEFAF5DBA6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4830EAF7-9504-4090-8DDD-6CC6658ABFD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "7E26AD96-7BA4-4722-B059-6444FFC2E6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "E06E7446-34EC-428A-82EE-2E24F2908C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2100_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4996E0-097B-4B79-8A1C-CE55F94B8D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0200586F-7F71-47F6-8D2E-F06E1BF418E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "F5764F35-7F21-40D0-A3FF-8EEF97F7931D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "6BE3CF46-91CC-4AFD-B178-48AE90E0E339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "D79A54BC-789D-4ED2-B3BC-C42959D7FFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "79A8A437-5AF7-448E-9AF8-D8FBA481CFE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "5663D3D1-5962-4C43-B689-089EAFE25FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2110_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "34EDC537-0EFF-46EA-8368-A690480E5D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "39798220-4621-4C5D-B6A7-6639D02E0C07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "05EF66A4-F7BB-40C3-9CBF-5DB8715780C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCA7249-7F8F-4A2D-B98F-6AA0ECF17D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "0E942419-3272-4267-AF23-4B6071D71277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "3848A541-4F14-4E3B-99EE-B7C5A886C541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "34E980E1-62B8-4E37-AE9D-DFE033053620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2120_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "730E6E09-C0C8-4F8A-BE07-BFED00FC1235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2400_video_server:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "81100E37-1B99-4317-829F-B4A2278FA323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2400_video_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "10321B16-1675-4609-8267-3971A9062AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2401_video_server:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "35F0E1BA-D05F-41CB-ACD9-035A6DF4735E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD73320-38DA-4606-9CEA-F0C9D5A3215F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "B8374F1E-06BC-4A9E-8666-336AACC1F5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA3F905-8AC0-42A3-AC63-BA61AE6619AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "46E11270-65DE-4C07-A103-66217691069E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "7B93D2AD-FA36-4A6C-AC52-6FD0F3AE6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D109CF38-0F5F-4A20-8A4A-DBE14D7826CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6E6FEA-9D2E-4ACD-8C3A-98DA4EB1C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2420_network_camera:2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "10B4A828-33F4-4FB7-9637-3C761A73AEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:axis:2460_network_dvr:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "41CB517F-BDC9-40D0-AB0D-2DFC7669E8F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
],
"id": "CVE-2004-0789",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13145"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0578
Vulnerability from fkie_nvd - Published: 2004-12-06 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A0AE5B-B449-4494-828E-2FD7414F6FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E328107F-F19D-427D-A88A-17DCB58A459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0_beta_2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D445EB5-ED3A-4476-9395-1EFD19A9B6A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory."
},
{
"lang": "es",
"value": "WinGate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como 5.0.5 permiten a atacantes remotos leer ficheros arbitrarios mediante caract\u00e9res barra (//) en el principio de una petici\u00f3n URL al directorio wingate-internal."
}
],
"id": "CVE-2004-0578",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0577
Vulnerability from fkie_nvd - Published: 2004-12-06 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qbik:wingate:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "40A0AE5B-B449-4494-828E-2FD7414F6FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E328107F-F19D-427D-A88A-17DCB58A459C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:qbik:wingate:6.0_beta_2:*:*:*:*:*:*:*",
"matchCriteriaId": "2D445EB5-ED3A-4476-9395-1EFD19A9B6A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory."
},
{
"lang": "es",
"value": "Wingate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como la 5.0.5, permite a atacantes remotos leer ficheros arbitraios del directorio ra\u00edz mediante un petici\u00f3n URL al directorio wingate-internal."
}
],
"id": "CVE-2004-0577",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-13866 (GCVE-0-2020-13866)
Vulnerability from cvelistv5 – Published: 2020-06-08 15:58 – Updated: 2024-08-04 12:32
VLAI?
Summary
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T18:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"name": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13866",
"datePublished": "2020-06-08T15:58:11",
"dateReserved": "2020-06-04T00:00:00",
"dateUpdated": "2024-08-04T12:32:14.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0802 (GCVE-0-2009-0802)
Vulnerability from cvelistv5 – Published: 2009-03-04 16:00 – Updated: 2024-09-16 23:05
VLAI?
Summary
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33858",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-04T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33858",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/435052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0802",
"datePublished": "2009-03-04T16:00:00Z",
"dateReserved": "2009-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:05:39.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3606 (GCVE-0-2008-3606)
Vulnerability from cvelistv5 – Published: 2008-08-12 19:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3606",
"datePublished": "2008-08-12T19:00:00",
"dateReserved": "2008-08-12T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4335 (GCVE-0-2007-4335)
Vulnerability from cvelistv5 – Published: 2007-08-14 18:00 – Updated: 2024-08-07 14:53
VLAI?
Summary
Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.harmonysecurity.com/HS-A007.html",
"refsource": "MISC",
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"name": "http://www.wingate.com/news.php?id=50",
"refsource": "CONFIRM",
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4335",
"datePublished": "2007-08-14T18:00:00",
"dateReserved": "2007-08-14T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4518 (GCVE-0-2006-4518)
Vulnerability from cvelistv5 – Published: 2006-11-28 23:00 – Updated: 2024-08-07 19:14
VLAI?
Summary
Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23029"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23029"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017284"
},
{
"name": "http://forums.qbik.com/viewtopic.php?t=4215",
"refsource": "CONFIRM",
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23029"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4518",
"datePublished": "2006-11-28T23:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2917 (GCVE-0-2006-2917)
Vulnerability from cvelistv5 – Published: 2006-07-10 19:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-2917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-48/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"name": "http://www.wingate.com/download.php",
"refsource": "MISC",
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-2917",
"datePublished": "2006-07-10T19:00:00",
"dateReserved": "2006-06-08T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2926 (GCVE-0-2006-2926)
Vulnerability from cvelistv5 – Published: 2006-06-09 10:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2926",
"datePublished": "2006-06-09T10:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0789 (GCVE-0-2004-0789)
Vulnerability from cvelistv5 – Published: 2005-09-01 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13145",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11642"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"name": "http://www.posadis.org/advisories/pos_adv_006.txt",
"refsource": "CONFIRM",
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0789",
"datePublished": "2005-09-01T04:00:00",
"dateReserved": "2004-08-17T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0577 (GCVE-0-2004-0577)
Vulnerability from cvelistv5 – Published: 2004-07-06 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"name": "http://www.idefense.com/application/poi/display?id=113",
"refsource": "MISC",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0577",
"datePublished": "2004-07-06T04:00:00",
"dateReserved": "2004-06-17T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13866 (GCVE-0-2020-13866)
Vulnerability from nvd – Published: 2020-06-08 15:58 – Updated: 2024-08-04 12:32
VLAI?
Summary
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-09T18:06:14",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157958/WinGate-9.4.1.5998-Insecure-Permissions-Privilege-Escalation.html"
},
{
"name": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt",
"refsource": "MISC",
"url": "http://hyp3rlinx.altervista.org/advisories/WINGATE-INSECURE-PERMISSIONS-LOCAL-PRIVILEGE-ESCALATION.txt"
},
{
"name": "20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jun/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-13866",
"datePublished": "2020-06-08T15:58:11",
"dateReserved": "2020-06-04T00:00:00",
"dateUpdated": "2024-08-04T12:32:14.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0802 (GCVE-0-2009-0802)
Vulnerability from nvd – Published: 2009-03-04 16:00 – Updated: 2024-09-16 23:05
VLAI?
Summary
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.285Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33858",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-03-04T16:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33858",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/435052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33858"
},
{
"name": "VU#435052",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/435052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0802",
"datePublished": "2009-03-04T16:00:00Z",
"dateReserved": "2009-03-04T00:00:00Z",
"dateUpdated": "2024-09-16T23:05:39.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3606 (GCVE-0-2008-3606)
Vulnerability from nvd – Published: 2008-08-12 19:00 – Updated: 2024-08-07 09:45
VLAI?
Summary
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:45:18.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30606"
},
{
"name": "1020644",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020644"
},
{
"name": "31442",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31442"
},
{
"name": "4146",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4146"
},
{
"name": "20080808 [AJECT] WinGate Email Server (IMAP) vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495264/100/0/threaded"
},
{
"name": "wingate-imapserver-bo(44370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44370"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3606",
"datePublished": "2008-08-12T19:00:00",
"dateReserved": "2008-08-12T00:00:00",
"dateUpdated": "2024-08-07T09:45:18.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4335 (GCVE-0-2007-4335)
Vulnerability from nvd – Published: 2007-08-14 18:00 – Updated: 2024-08-07 14:53
VLAI?
Summary
Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.harmonysecurity.com/HS-A007.html",
"refsource": "MISC",
"url": "http://www.harmonysecurity.com/HS-A007.html"
},
{
"name": "http://www.wingate.com/news.php?id=50",
"refsource": "CONFIRM",
"url": "http://www.wingate.com/news.php?id=50"
},
{
"name": "3001",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3001"
},
{
"name": "25272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25272"
},
{
"name": "25303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25303"
},
{
"name": "qbik-smtp-dos(35950)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4335",
"datePublished": "2007-08-14T18:00:00",
"dateReserved": "2007-08-14T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4518 (GCVE-0-2006-4518)
Vulnerability from nvd – Published: 2006-11-28 23:00 – Updated: 2024-08-07 19:14
VLAI?
Summary
Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23029"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23029"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name": "1017284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017284"
},
{
"name": "http://forums.qbik.com/viewtopic.php?t=4215",
"refsource": "CONFIRM",
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name": "qbik-name-pointer-dos(30491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name": "ADV-2006-4711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name": "23029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23029"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4518",
"datePublished": "2006-11-28T23:00:00",
"dateReserved": "2006-08-31T00:00:00",
"dateUpdated": "2024-08-07T19:14:47.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2917 (GCVE-0-2006-2917)
Vulnerability from nvd – Published: 2006-07-10 19:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2006-2917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://secunia.com/secunia_research/2006-48/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-48/advisory/"
},
{
"name": "http://www.wingate.com/download.php",
"refsource": "MISC",
"url": "http://www.wingate.com/download.php"
},
{
"name": "18908",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18908"
},
{
"name": "20707",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20707"
},
{
"name": "ADV-2006-2730",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2730"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2006-2917",
"datePublished": "2006-07-10T19:00:00",
"dateReserved": "2006-06-08T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2926 (GCVE-0-2006-2926)
Vulnerability from nvd – Published: 2006-06-09 10:00 – Updated: 2024-08-07 18:06
VLAI?
Summary
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "18312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18312"
},
{
"name": "wingate-http-proxy-bo(26970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26970"
},
{
"name": "1016239",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016239"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html"
},
{
"name": "20483",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20483"
},
{
"name": "20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html"
},
{
"name": "ADV-2006-2182",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2926",
"datePublished": "2006-06-09T10:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0789 (GCVE-0-2004-0789)
Vulnerability from nvd – Published: 2005-09-01 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:46.847Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11642"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men \u0026 Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13145",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13145"
},
{
"name": "dns-localhost-dos(17997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17997"
},
{
"name": "1012157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012157"
},
{
"name": "11642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11642"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en"
},
{
"name": "http://www.posadis.org/advisories/pos_adv_006.txt",
"refsource": "CONFIRM",
"url": "http://www.posadis.org/advisories/pos_adv_006.txt"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0789",
"datePublished": "2005-09-01T04:00:00",
"dateReserved": "2004-08-17T00:00:00",
"dateUpdated": "2024-08-08T00:31:46.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0577 (GCVE-0-2004-0577)
Vulnerability from nvd – Published: 2004-07-06 04:00 – Updated: 2024-08-08 00:24
VLAI?
Summary
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:26.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-07-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=108872788123695\u0026w=2"
},
{
"name": "http://www.idefense.com/application/poi/display?id=113",
"refsource": "MISC",
"url": "http://www.idefense.com/application/poi/display?id=113"
},
{
"name": "wingate-directory-traversal(16589)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16589"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0577",
"datePublished": "2004-07-06T04:00:00",
"dateReserved": "2004-06-17T00:00:00",
"dateUpdated": "2024-08-08T00:24:26.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}