Lucene search
K

1484 matches found

Cvelist
Cvelist
added 2006/10/06 12:0 a.m.28 views

CVE-2006-5179

Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent attackers to cause a denial of service CPU consumption via parasitic public keys with large 1 "public exponent" or 2 "public modulus" values in X.509 certificates that require extra time to process when using RSA signature...

7.5AI score0.00741EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/05/08 12:0 a.m.48 views

OpenVPN Unprotected Management Interface

The remote host is running OpenVPN, an open source SSL VPN. The version of OpenVPN installed on the remote host does not require authentication to access the server's management interface. An attacker can leverage this issue to gain complete control over the affected application simply by telneti...

4CVSS5.6AI score0.01346EPSS
Exploits0References3
Prion
Prion
added 2006/04/29 10:2 a.m.16 views

Buffer overflow

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.5CVSS8.5AI score0.67312EPSS
Exploits3References11
NVD
NVD
added 2006/04/29 10:2 a.m.11 views

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.5CVSS7.8AI score0.67312EPSS
Exploits3References11
CVE
CVE
added 2006/04/29 10:0 a.m.72 views

CVE-2006-2086

The CVE-2006-2086 issue is a buffer overflow in the JuniperSetupDLL.dll loaded by JuniperSetup.ocx used by the Juniper SSL-VPN Client to access Juniper NetScreen IVE devices running IVE OS pre-final versions. The vulnerability is triggered by a long argument in the ProductName parameter, allowing...

7.5CVSS7.8AI score0.67312EPSS
Exploits3References11Affected Software1
Cvelist
Cvelist
added 2006/04/29 10:0 a.m.22 views

CVE-2006-2086

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute...

7.8AI score0.67312EPSS
Exploits3References11
securityvulns
securityvulns
added 2006/04/27 12:0 a.m.41 views

Juniper SSL-VPN JuniperSetup client component buffer overflow

Buffer overflow in JuniperSetup.ocx ActiveX element...

4.5AI score
Exploits0References1
NVD
NVD
added 2006/03/22 2:2 a.m.14 views

CVE-2006-1357

Cross-site scripting XSS vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS5.7AI score0.01937EPSS
Exploits1References7
Prion
Prion
added 2006/03/22 2:2 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

4.3CVSS6.1AI score0.01937EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2006/03/22 2:0 a.m.47 views

CVE-2006-1357

CVE-2006-1357 describes a cross-site scripting (XSS) vulnerability in the F5 Firepass 4100 SSL VPN, specifically in the file my.support.php3 (version 5.4.2). The issue allows remote attackers to inject arbitrary web script or HTML by supplying a value in the s parameter. The available documents d...

4.3CVSS5.7AI score0.01937EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2006/03/22 2:0 a.m.23 views

CVE-2006-1357

Cross-site scripting XSS vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter...

5.7AI score0.01937EPSS
Exploits1References7
securityvulns
securityvulns
added 2006/03/21 12:0 a.m.52 views

F5 Firepass 4100 SSL VPN crossite scripting

Web interface crossite scripting...

1.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/03/21 12:0 a.m.29 views

XSS in Firepass 4100 SSL VPN v.5.4.2 (and probably others)

Vulnerability class : Cross-Site Scripting Discovery date : 2nd of February 2006 Remote : Yes Local : No Credit : ILION Research Labs, Geneva Switzerland Vulnerable : F5 Firepass 4100 SSL VPN v. 5.4.2 A XSS Cross-Site-Scripting vulnerability has been uncovered in my.support.php3 called through a...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/21 12:0 a.m.24 views

F5 Firepass 4100 SSL VPN - Cross-Site Scripting

source: https://www.securityfocus.com/bid/17175/info FirePass 4100 SSL VPN is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in th...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/12/13 11:0 a.m.19 views

CVE-2005-4197

tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet...

7.6AI score0.11852EPSS
Exploits1References6
CVE
CVE
added 2005/12/13 11:0 a.m.43 views

CVE-2005-4197

The vulnerability CVE-2005-4197 affects Nortel SSL VPN 4.2.1.6, specifically the tunnelform.yaws component. The issue allows remote attackers to execute arbitrary commands via a crafted link in the a parameter, and these commands run with extra privileges inside a cryptographically signed Java Ap...

7.5CVSS8AI score0.11852EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2005/12/13 12:0 a.m.42 views

SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution

SEC-CONSULT Security Advisory 20051212-0 ========================================================================== title: Nortel SSL VPN Cross Site Scripting/Command Execution program: Nortel SSL VPN vulnerable version: 4.2.1.6 homepage: www.nortel.com found: 2005-05-30 by: Daniel Fabian /...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/12/13 12:0 a.m.18 views

Nortel SSL VPN multiple vulnerabilities

Crossite scripting, code execution...

2.4AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2005/12/08 12:0 a.m.11 views

Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation

Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation source: https://www.securityfocus.com/bid/15798/info Nortel SSL VPN is prone to an input validation vulnerability. This issue could be exploited to cause arbitrary commands to be executed on a user's computer. Cross-site scripting attacks ar...

Exploits0
Exploit DB
Exploit DB
added 2005/12/08 12:0 a.m.37 views

Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation

source: https://www.securityfocus.com/bid/15798/info Nortel SSL VPN is prone to an input validation vulnerability. This issue could be exploited to cause arbitrary commands to be executed on a user's computer. Cross-site scripting attacks are also possible. Nortel SSL VPN 4.2.1.6 is vulnerable to...

7.4AI score
Exploits0
Rows per page
Query Builder