VAR-200501-0251
Vulnerability from variot - Updated: 2023-12-18 14:07Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. It is reported that Nortel Contivity VPN client is susceptible to a username enumeration vulnerability. Attackers may exploit this vulnerability to discern valid usernames. This may aid them in brute force password cracking, or other attacks. Versions prior to 5.01_030 are reported susceptible to this issue. Nortel Networks Contivity VPN Client is the client software for Nortel VPN devices. Name: User Account Enumeration in Nortel Contivity VPN Vendor: Nortel Networks Products Affected: Nortel Networks Contivity VPN Client Type: Remote User Account Enumeration Severity: Medium
I. This bug was discovered as part of a penetration test we carried out on the VPN server of a client.
II. Description 1.
III. Impact The different error messages could enable a malicious person to guess valid user names on the Contivity VPN/Firewall, and then launch password-guessing attacks against these accounts.
IV. Solution This issue is resolved in Contivity VPN Client for Windows V5.01_030
Refer to the CERT VU Note at http://www.kb.cert.org/vuls/id/830214 and our full advisory at http://www.nii.co.in/vuln/contivity.html for information about vendor response, applying the patches, and other technical details.
V. About Network Intelligence India We're a leading provider of information security services and products. Our AuditPro suite of security assessment software provides comprehensive, policy-based security audits for Windows 2000, 2003, XP, Redhat Linux, Sun Solaris, Oracle and MS SQL Servers. For more information, visit us at http://www.nii.co.in
* Happy Diwali AND Eid Mubarak! *
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0251",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4.91"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": "networks contivity vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4.91"
},
{
"model": "networks contivity vpn client 1 030",
"scope": "ne",
"trust": 0.3,
"vendor": "nortel",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "K. K. Mookhey of Network Intelligence India reported this vulnerability.",
"sources": [
{
"db": "BID",
"id": "11623"
}
],
"trust": 0.3
},
"cve": "CVE-2004-1105",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9535",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1105",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#830214",
"trust": 0.8,
"value": "0.65"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-213",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-9535",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. It is reported that Nortel Contivity VPN client is susceptible to a username enumeration vulnerability. \nAttackers may exploit this vulnerability to discern valid usernames. This may aid them in brute force password cracking, or other attacks. \nVersions prior to 5.01_030 are reported susceptible to this issue. Nortel Networks Contivity VPN Client is the client software for Nortel VPN devices. Name: User Account Enumeration in Nortel Contivity VPN\nVendor: Nortel Networks\nProducts Affected: Nortel Networks Contivity VPN Client\nType: Remote User Account Enumeration\nSeverity: Medium\n\nI. This bug was discovered as \npart of a penetration test we carried out on the VPN server of a client. \n\nII. Description\n1. \n\nIII. Impact\nThe different error messages could enable a malicious person to guess\nvalid user names on the Contivity VPN/Firewall, and then launch\npassword-guessing attacks against these accounts. \n\nIV. Solution\nThis issue is resolved in Contivity VPN Client for Windows V5.01_030\n\nRefer to the CERT VU Note at\nhttp://www.kb.cert.org/vuls/id/830214 and our full advisory at \nhttp://www.nii.co.in/vuln/contivity.html\nfor information about vendor response, applying the patches, and other\ntechnical details. \n\nV. About Network Intelligence India\nWe\u0027re a leading provider of information security services and products. \nOur AuditPro suite of security assessment software provides\ncomprehensive, policy-based security audits for Windows 2000, 2003, XP,\nRedhat Linux, Sun Solaris, Oracle and MS SQL Servers. For more\ninformation, visit us at http://www.nii.co.in\n\n**** Happy Diwali AND Eid Mubarak! ****\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "PACKETSTORM",
"id": "35003"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#830214",
"trust": 2.9
},
{
"db": "BID",
"id": "11623",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-1105",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213",
"trust": 0.7
},
{
"db": "XF",
"id": "17988",
"trust": 0.6
},
{
"db": "VULNERABILITY NOTE",
"id": "VU#830214",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20041110 NORTEL NETWORKS CONTIVITY VPN CLIENT INFORMATION LEAKAGE VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-9535",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "35003",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"id": "VAR-200501-0251",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9535"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:07:00.874000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1105"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/830214"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/crdy-626n7f"
},
{
"trust": 1.8,
"url": "http://www.nii.co.in/vuln/contivity.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11623"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17988"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/17988"
},
{
"trust": 0.3,
"url": "http://www.nortelnetworks.com/products/01/contivity/multi_os/"
},
{
"trust": 0.1,
"url": "http://www.nii.co.in"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#830214"
},
{
"db": "VULHUB",
"id": "VHN-9535"
},
{
"db": "BID",
"id": "11623"
},
{
"db": "PACKETSTORM",
"id": "35003"
},
{
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#830214"
},
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9535"
},
{
"date": "2004-11-08T00:00:00",
"db": "BID",
"id": "11623"
},
{
"date": "2004-11-12T03:43:05",
"db": "PACKETSTORM",
"id": "35003"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"date": "2005-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#830214"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9535"
},
{
"date": "2004-11-08T00:00:00",
"db": "BID",
"id": "11623"
},
{
"date": "2017-07-11T01:30:44.747000",
"db": "NVD",
"id": "CVE-2004-1105"
},
{
"date": "2006-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel Networks Contivity VPN Client information leakage vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#830214"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-213"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…