5903 matches found
CVE-2005-3058
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an 1 HTTP request terminated with a line feed LF and not carriage return line feed CRLF or 2 HTTP request with no Host field, which is still processed by mo...
CVE-2005-4570
The Internet Key Exchange version 1 IKEv1 implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service termination of a process that is automatically restarted via IKE packets with invalid values of...
CVE-2005-4570
The CVE-2005-4570 entry concerns IKEv1 implementations in Fortinet FortiOS (versions 2.50, 2.80, 3.0), FortiClient 2.0, and FortiManager 2.80/3.0, where remote attackers can trigger a denial of service by sending IKE/ISAKMP packets with invalid IPSec attribute values. The issue is tied to process...
CVE-2005-4570
The Internet Key Exchange version 1 IKEv1 implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service termination of a process that is automatically restarted via IKE packets with invalid values of...
phpMyChat Multiple XSS vulnerabilities.
phpMyChat Multiple XSS vulnerabilities. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use multi-room chat based on PHP and a database, supporting MySQL, PostgreSQL, and ODBC. II. DESCRIPTION phpMyChat 0.14.6 startpage.css.php, style.css.php, userspopupL.php are prone to Cross-site...
phpMyChat0146.txt
phpMyChat Multiple XSS vulnerabilities. I. BACKGROUND phpMyChat is an easy-to-install, easy-to-use multi-room chat based on PHP and a database, supporting MySQL, PostgreSQL, and ODBC. II. DESCRIPTION phpMyChat 0.14.6 startpage.css.php, style.css.php, userspopupL.php are prone to Cross-site...
Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations
Overview Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 IKEv1 implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an...
Fortinet Fortigate console management detection
This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fortinet Fortigate console management detection
The remote host appears to be a Fortinet Fortigate Firewall. Connections are allowed to the web console management. Letting attackers know that you are using this software will help them to focus their attack or will make them change their strategy. In addition to this, an attacker may set up a...
CVE-2005-3400
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3400
The CVE-2005-3400 entry describes a vulnerability in Fortinet 2.48.0.0 identified as a multiple interpretation error. The issue allows remote attackers to bypass virus scanning by submitting a file type such as BAT, HTML, or EML that contains an MZ (EXE) magic byte sequence, causing the file to b...
CVE-2005-3400
Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...
CVE-2005-3221
Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, eve...
CVE-2005-3221
CVE-2005-3221 : Multiple interpretation errors in unspecified versions of Fortinet Antivirus allow remote attackers to bypass virus detection by presenting a malicious executable embedded in a specially crafted RAR file with malformed central and local headers. The crafted archive can be opened b...
Fortinet Fortigate firewall backdoor account
maintainer/pbcpbnserial number account has local root access to device...
Backdoor in Fortinet's firewall Fortigate
If you have console access to this box, you are able to get root access or more by using the Username: maintainer Password: pbcpbnhere should you type the serialnr. of the box, the characters should be in Capital letters. FortiOS: 2.x Regards Johan Andersson Atea Security, Sweden Phone: +46-709-1...
CVE-2005-1837
Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges...
CVE-2005-1837
Affected product: Fortinet FortiOS 2.x Fortinet firewall. Vulnerability: Hardcoded username with the password set to the device serial number, enabling local users with console access to gain privileges. Impact: Privilege escalation to higher privileges for local attackers. Root cause: Credential...
CVE-2005-1837
Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges...
Fortinet VPN Server Detection (over PPTP)
Binary data 2916.prm...