var-200706-0098
Vulnerability from variot
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. Both Ingate Firewall and SIParator are enterprise-class hardware firewall devices. Multiple security vulnerabilities exist in Ingate Firewall and SIParator that can be exploited by malicious users to perform spoofing attacks, bypass certain security restrictions, or cause denial of service. 1) If the IPsec tunnel is set up to allow the \"Remote/private address\" hive, it is possible to allow any user hive. 3) Verifying errors in DSA and ECDSA key signatures may result in forgery of server certificates. 4) Verifying errors in HMAC digest may increase the chances of successfully forging SNMPv3 messages. 5) An error in forcing a reject policy from a message that does not use a gateway may result in bypassing spoof protection. 6) Multiple errors in the SIP module may allow a crash or hang due to a specially crafted message. Versions prior to 4.7.1 are vulnerable. Ingate Siparator is prone to a security bypass vulnerability
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-200706-0098", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "siparator", scope: "eq", trust: 1.2, vendor: "ingate", version: "4.5.1", }, { model: "firewall", scope: "eq", trust: 1.2, vendor: "ingate", version: "4.5.1", }, { model: "siparator", scope: "lte", trust: 1, vendor: "ingate", version: "4.5.1", }, { model: "firewall", scope: "lte", trust: 1, vendor: "ingate", version: "4.5.1", }, { model: "firewall", scope: null, trust: 0.8, vendor: "ingate", version: null, }, { model: "siparator", scope: "lt", trust: 0.8, vendor: "ingate", version: "4.5.2", }, { model: null, scope: null, trust: 0.6, vendor: "no", version: null, }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6.4", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.5.2", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.4.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.4", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.3", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.2", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.3", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.2", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.3.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.2.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.2", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.1", }, { model: "siparator", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.4", }, { model: "firewalll", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.4", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6.4", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.6", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.5.2", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.4.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.4", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.3", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.2", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.3", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.3", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.2", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.2.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "4.1.3", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.3.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.2.1", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.2", }, { model: "firewall", scope: "eq", trust: 0.3, vendor: "ingate", version: "3.1", }, { model: "siparator", scope: "ne", trust: 0.3, vendor: "ingate", version: "4.7.1", }, { model: "firewall", scope: "ne", trust: 0.3, vendor: "ingate", version: "4.7.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, { db: "CNNVD", id: "CNNVD-200706-142", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.5.1", vulnerable: true, }, { cpe23Uri: "cpe:2.3:h:ingate:ingate_siparator:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "4.5.1", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2007-3177", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ingate", sources: [ { db: "BID", id: "34309", }, ], trust: 0.3, }, cve: "CVE-2007-3177", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2007-3177", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "CNVD-2009-1714", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-26539", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2007-3177", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2009-1714", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-200706-142", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-26539", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "VULHUB", id: "VHN-26539", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, { db: "CNNVD", id: "CNNVD-200706-142", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. Both Ingate Firewall and SIParator are enterprise-class hardware firewall devices. Multiple security vulnerabilities exist in Ingate Firewall and SIParator that can be exploited by malicious users to perform spoofing attacks, bypass certain security restrictions, or cause denial of service. 1) If the IPsec tunnel is set up to allow the \\\"Remote/private address\\\" hive, it is possible to allow any user hive. 3) Verifying errors in DSA and ECDSA key signatures may result in forgery of server certificates. 4) Verifying errors in HMAC digest may increase the chances of successfully forging SNMPv3 messages. 5) An error in forcing a reject policy from a message that does not use a gateway may result in bypassing spoof protection. 6) Multiple errors in the SIP module may allow a crash or hang due to a specially crafted message. \nVersions prior to 4.7.1 are vulnerable. Ingate Siparator is prone to a security bypass vulnerability", sources: [ { db: "NVD", id: "CVE-2007-3177", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "CNVD", id: "CNVD-2009-1714", }, { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, { db: "VULHUB", id: "VHN-26539", }, ], trust: 2.79, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2007-3177", trust: 2.8, }, { db: "SECUNIA", id: "25420", trust: 2.3, }, { db: "VUPEN", id: "ADV-2007-1973", trust: 1.7, }, { db: "OSVDB", id: "36708", trust: 1.7, }, { db: "BID", id: "34309", trust: 0.9, }, { db: "XF", id: "34887", trust: 0.9, }, { db: "JVNDB", id: "JVNDB-2007-003989", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-200706-142", trust: 0.7, }, { db: "CNVD", id: "CNVD-2009-1714", trust: 0.6, }, { db: "BID", id: "86090", trust: 0.4, }, { db: "VULHUB", id: "VHN-26539", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "VULHUB", id: "VHN-26539", }, { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, { db: "CNNVD", id: "CNNVD-200706-142", }, ], }, id: "VAR-200706-0098", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "VULHUB", id: "VHN-26539", }, ], trust: 0.06999999999999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, ], }, last_update_date: "2023-12-18T10:53:26.989000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Ingate Firewall", trust: 0.8, url: "http://www.ingate.com/firewalls.php", }, { title: "Patch for multiple security vulnerabilities in InGate Firewall and SIParator", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/43113", }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-287", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-26539", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://www.ingate.com/relnote-452.php", }, { trust: 1.7, url: "http://osvdb.org/36708", }, { trust: 1.7, url: "http://secunia.com/advisories/25420", }, { trust: 1.1, url: "http://www.vupen.com/english/advisories/2007/1973", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/34887", }, { trust: 0.9, url: "http://xforce.iss.net/xforce/xfdb/34887", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3177", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3177", }, { trust: 0.6, url: "http://secunia.com/advisories/25420/", }, { trust: 0.6, url: "http://www.frsirt.com/english/advisories/2007/1973", }, { trust: 0.3, url: "http://www.ingate.com/", }, { trust: 0.3, url: "http://www.ingate.com/relnote.php?ver=471", }, ], sources: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "VULHUB", id: "VHN-26539", }, { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, { db: "CNNVD", id: "CNNVD-200706-142", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2009-1714", }, { db: "VULHUB", id: "VHN-26539", }, { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, { db: "JVNDB", id: "JVNDB-2007-003989", }, { db: "NVD", id: "CVE-2007-3177", }, { db: "CNNVD", id: "CNNVD-200706-142", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2009-03-23T00:00:00", db: "CNVD", id: "CNVD-2009-1714", }, { date: "2007-06-11T00:00:00", db: "VULHUB", id: "VHN-26539", }, { date: "2009-03-23T00:00:00", db: "BID", id: "34309", }, { date: "2007-06-11T00:00:00", db: "BID", id: "86090", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-003989", }, { date: "2007-06-11T22:30:00", db: "NVD", id: "CVE-2007-3177", }, { date: "2007-06-11T00:00:00", db: "CNNVD", id: "CNNVD-200706-142", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2014-01-27T00:00:00", db: "CNVD", id: "CNVD-2009-1714", }, { date: "2017-07-29T00:00:00", db: "VULHUB", id: "VHN-26539", }, { date: "2009-04-01T17:06:00", db: "BID", id: "34309", }, { date: "2007-06-11T00:00:00", db: "BID", id: "86090", }, { date: "2012-09-25T00:00:00", db: "JVNDB", id: "JVNDB-2007-003989", }, { date: "2017-07-29T01:32:02.050000", db: "NVD", id: "CVE-2007-3177", }, { date: "2007-06-13T00:00:00", db: "CNNVD", id: "CNNVD-200706-142", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "network", sources: [ { db: "BID", id: "34309", }, { db: "BID", id: "86090", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ingate Firewall Etc. SIP Vulnerability that bypasses authentication", sources: [ { db: "JVNDB", id: "JVNDB-2007-003989", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "authorization issue", sources: [ { db: "CNNVD", id: "CNNVD-200706-142", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
This schema specifies the format of a comment related to a security advisory.
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.