Lucene search
K

99 matches found

NVD
NVD
added 2008/02/22 11:44 p.m.15 views

CVE-2008-0914

Multiple cross-site scripting XSS vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.01263EPSS
Exploits0References7
Prion
Prion
added 2008/02/22 11:44 p.m.15 views

Code injection

The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value...

6.4CVSS7.1AI score0.01222EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/02/22 11:0 p.m.14 views

CVE-2008-0915

The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value...

6.5AI score0.01222EPSS
Exploits0References5
CVE
CVE
added 2008/02/22 11:0 p.m.33 views

CVE-2008-0914

CVE-2008-0914 affects the Mediation server component of IPdiva SSL VPN Server, with versions 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 vulnerable to multiple XSS vulnerabilities. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connec...

4.3CVSS5.8AI score0.01263EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2008/02/22 11:0 p.m.34 views

CVE-2008-0915

The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining login attempts in a cookie, enabling remote attackers to perform brute-force attacks by manipulating the cookie value. Affected product: IPdiva SSL VPN Server (Mediation server...

6.4CVSS6.6AI score0.01222EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2008/02/22 11:0 p.m.18 views

CVE-2008-0914

Multiple cross-site scripting XSS vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.01263EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2007/02/13 12:0 a.m.10 views

Cisco VPN Server Detection (PPTP)

Binary data 3912.prm...

7.3AI score
Exploits0
seebug.org
seebug.org
added 2006/12/05 12:0 a.m.49 views

Apple Mac OS X 2006-007更新修复多个安全漏洞

Mac OS X是苹果家族计算机所使用的操作系统。 Apple 2006-007安全更新修复了Mac OS X中的多个安全漏洞,具体包括: CVE-2006-4396 Apple Type Services服务程序不安全地创建了错误日志文件,允许本地攻击者以系统权限覆盖或创建文件。 CVE-2006-4398 Apple Type Services服务程序中存在多个缓冲区溢出漏洞。本地攻击者可以通过发送特制的服务请求触发这些溢出,导致拒绝服务或以系统权限执行任意指令。 CVE-2006-4400 Apple Type...

10CVSS6.5AI score0.07456EPSS
Exploits2
Saint
Saint
added 2006/06/30 12:0 a.m.45 views

Windows RRAS memory corruption vulnerability

Added: 06/30/2006 CVE: CVE-2006-2370 BID: 18325 OSVDB: 26437 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem A buffer overflow in RRAS allows remote attackers to execute...

7.5CVSS9.8AI score0.72969EPSS
Exploits18
CERT
CERT
added 2005/06/08 12:0 a.m.31 views

Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes

Overview Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes. This may allow a remote, unauthenticated attacker to access the private network. Description Easy VPN Server Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...

7.5CVSS6.6AI score0.01444EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2005/05/16 12:0 a.m.10 views

VPN Server Detection (over PPTP)

Binary data 2915.prm...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2005/04/06 12:0 a.m.39 views

Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: ======================== Vulnerabilities in the Internet Key Exchange Xauth Implementation ================================================================= Revision 1.0 For Public Release 2005 April 6 1600 UTC -...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/04/06 12:0 a.m.30 views

Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass (CSCeg00277)

The remote version of IOS contains a feature called 'Easy VPN Server' that allows the administrator of the remote router to create a lightweight VPN server. There is an implementation flaw in the remote version of this software that could allow an authorized user to complete authentication and...

7.5CVSS5.5AI score0.01444EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/08/27 12:0 a.m.41 views

ISS Protection Brief: Entrust Libkmp Library Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Brief August 26, 2004 Entrust LibKmp Library Buffer Overflow Summary: ISS X-Force has discovered a flaw in the Entrust LibKmp ISAKMP library. This library is used by multiple VPN vendors to facilitate IKE key exchange for...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/12/02 12:0 a.m.606 views

IPSEC Internet Key Exchange (IKE) Version 1 Detection

The remote host seems to be enabled to do Internet Key Exchange IKE version 1. This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources. Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy...

5.5AI score
Exploits0
Debian
Debian
added 2003/04/30 7:43 a.m.26 views

[SECURITY] [DSA 295-1] New pptpd packages fix remote root exploit

-------------------------------------------------------------------------- Debian Security Advisory DSA 295-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...

7.5CVSS6.3AI score0.71026EPSS
Exploits7
NVD
NVD
added 2002/08/12 4:0 a.m.13 views

CVE-2002-0426

VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys...

7.5CVSS6.5AI score0.0136EPSS
Exploits0References4
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.19 views

CVE-2002-0426

VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys...

6.5AI score0.0136EPSS
Exploits0References4
CVE
CVE
added 2002/06/11 4:0 a.m.57 views

CVE-2002-0426

CVE-2002-0426 affects the Linksys EtherFast BEFVP41 Cable/DSL VPN Router (VPN Server module) prior to firmware version 1.40.1. The issue: the router reduces key lengths for keys entered manually, making it easier to crack keys. The NVD entry notes a network attack vector with low attack complexit...

7.5CVSS6.9AI score0.0136EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder