99 matches found
CVE-2008-0914
Multiple cross-site scripting (XSS) vulnerabilities in the Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Code injection
The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value...
CVE-2008-0915
The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining allowed login attempts in a cookie, which makes it easier for remote attackers to conduct brute force attacks by manipulating this cookie's value...
CVE-2008-0914
CVE-2008-0914 affects the Mediation server component of IPdiva SSL VPN Server, with versions 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 vulnerable to multiple XSS vulnerabilities. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connec...
CVE-2008-0915
The Mediation server in IPdiva SSL VPN Server 2.2 before 2.2.8.84 and 2.3 before 2.3.2.14 stores the number of remaining login attempts in a cookie, enabling remote attackers to perform brute-force attacks by manipulating the cookie value. Affected product: IPdiva SSL VPN Server (Mediation server...
Cisco VPN Server Detection (PPTP)
Binary data 3912.prm...
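Apple Mac OS X 2006-007 update fixes multiple security vulnerabilities
Mac OS X is the operating system used by the Apple family of computers. Apple Security Update 2006-007 fixes multiple security vulnerabilities in Mac OS X, including: CVE-2006-4396 The Apple Type Services server creates error log files insecurely, allowing a local attacker to overwrite or create files with system privileges. CVE-2006-4398 The Apple Type Services server contains multiple buffer overflow vulnerabilities. A local attacker can trigger these overflows by sending specially crafted service requests, causing a denial of service or executing arbitrary instructions with system privileges. CVE-2006-4400 Apple Type...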
Windows RRAS memory corruption vulnerability
Added: 06/30/2006. CVE: CVE-2006-2370. BID: 18325. OSVDB: 26437. Background: The Routing and Remote Access Service (RRAS) allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem: A buffer overflow in RRAS allows remote attackers to execute...
Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes
Overview: Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes. This may allow a remote, unauthenticated attacker to access the private network. Description: Easy VPN Server: Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...
VPN Server Detection (over PPTP)
Binary data 2915.prm...
Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation
Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation. Revision 1.0. For Public Release 2005 April 6 1600 UTC -...
Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass (CSCeg00277)
The remote version of IOS contains a feature called 'Easy VPN Server' that allows the administrator of the remote router to create a lightweight VPN server. There is an implementation flaw in the remote version of this software that could allow an authorized user to complete authentication and...
ISS Protection Brief: Entrust Libkmp Library Buffer Overflow
Internet Security Systems Protection Brief, August 26, 2004. Entrust LibKmp Library Buffer Overflow. Summary: ISS X-Force has discovered a flaw in the Entrust LibKmp ISAKMP library. This library is used by multiple VPN vendors to facilitate IKE key exchange for...
IPSEC Internet Key Exchange (IKE) Version 1 Detection
The remote host seems to be enabled to do Internet Key Exchange (IKE) version 1. This is typically indicative of a VPN server. VPN servers are used to connect remote hosts into internal resources. Make sure that the use of this VPN endpoint is done in accordance with your corporate security policy...
[SECURITY] [DSA 295-1] New pptpd packages fix remote root exploit
Debian Security Advisory DSA 295-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...
CVE-2002-0426
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys...
CVE-2002-0426
CVE-2002-0426 affects the Linksys EtherFast BEFVP41 Cable/DSL VPN Router (VPN Server module) prior to firmware version 1.40.1. The issue: the router reduces key lengths for keys entered manually, making it easier to crack keys. The NVD entry notes a network attack vector with low attack complexit...