Lucene search

[email protected]CVE-2006-2924

HistoryJun 09, 2006 - 10:02 a.m.

CVE-2006-2924

2006-06-0910:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ingate firewall

siparator

4.4.1

remote attackers

denial of service

ssl/tls handshake

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.034 Low

EPSS

Percentile

91.3%

JSON

Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.

CPENameOperatorVersion
ingate:ingate_siparatoringate ingate siparatoreq4.3.4
ingate:ingate_firewallingate ingate firewallle4.4.0
ingate:ingate_firewallingate ingate firewalleq4.3.4
ingate:ingate_siparatoringate ingate siparatorle4.4.0

CPE	Name	Operator	Version
ingate:ingate_siparator	ingate ingate siparator	eq	4.3.4
ingate:ingate_firewall	ingate ingate firewall	le	4.4.0
ingate:ingate_firewall	ingate ingate firewall	eq	4.3.4
ingate:ingate_siparator	ingate ingate siparator	le	4.4.0

References

secunia.com/advisories/20479

securitytracker.com/id?1016244

securitytracker.com/id?1016245

www.ingate.com/relnote-441.php

www.securityfocus.com/bid/18318

www.vupen.com/english/advisories/2006/2183

exchange.xforce.ibmcloud.com/vulnerabilities/26977

7.5 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.034 Low

EPSS

Percentile

91.3%

JSON

Related for CVE-2006-2924

prion1