Security Advisory: Buffer Overflow in UNIX VPN Client

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Buffer Overflow in UNIX VPN Client Revision 1.0 For Public Release 2002 June 19 at 14:00 GMT - --------------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software Version...

Buffer Overflow in UNIX VPN Client

...

Cisco VPN Client for Unix 3.5.1 - Local Buffer Overflow

Cisco VPN Client for Unix 3.5.1 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/5056/info The Cisco VPN Client software is used to establish Virtual Private Network VPN connections between client machines and a Cisco VPN Concentrator. A vulnerability has been reported in some...

Cisco VPN Client for Unix 3.5.1 - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/5056/info The Cisco VPN Client software is used to establish Virtual Private Network VPN connections between client machines and a Cisco VPN Concentrator. A vulnerability has been reported in some versions of the VPN Client. If an oversized profile nam...

CVE-2002-0426

VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys...

CVE-2002-0426

CVE-2002-0426 affects the Linksys EtherFast BEFVP41 Cable/DSL VPN Router (VPN Server module) prior to firmware version 1.40.1. The issue: the router reduces key lengths for keys entered manually, making it easier to crack keys. The NVD entry notes a network attack vector with low attack complexit...

CVE-2002-1447

Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument...

Linksys BEFVP41 VPN Server does not follow proper VPN standards

Dear all, A month ago, we discovered a bug in the VPN Server module of the Linksys EtherFast BEFVP41 Cable/DSL VPN Router. Here's the detailed email we sent to Linksys Tech Support: Begin Email Dear Support @ Linksys, We recently heard about your BEFVP41 and thought we'd try it out as we liked th...

CVE-2002-0047

CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service crash via a short malformed packet...

[SECURITY] [DSA-104-1] CIPE DoS attack

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------------ Debian Security Advisory DSA-104-1 [email protected] http://www.debian.org/security/ Wichert Akkerman January 14, 2002 -...

CVE-2001-1499

Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks...

CVE-2001-1431

Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third...

Check Point VPN-1/FireWall-1 4.1 on Nokia IPXXX firewall appliance retransmits original packets

Overview A vulnerability in Check Point VPN-1/FireWall-1 running on Nokia IPXXX Appliances can allow an attacker to pass traffic allowed by the security policy through the firewall while retaining the external untranslated destination IP address. Description Nokia IPXXX Appliances are security...

CVE-2001-0940

Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name...

Переролнение буфера в VPN-1/FireWall-1 Management Servers (buffer overflow)

Переполнение буфера при некорректном запросе от клиента...

CVE-2001-0428

Cisco VPN 3000 series concentrators before 2.5.2F allow remote attackers to cause a denial of service via an IP packet with an invalid IP option...

CVE-2001-0428

CVE-2001-0428 affects Cisco VPN 3000 series concentrators prior to 2.5.2(F). The vulnerability arises from handling IP packets with an invalid IP option, enabling remote denial of service. The available sources list the affected product and the impact (DoS) but do not provide details on exploits,...

CVE-2001-0427

The CVE-2001-0427 issue affects Cisco VPN 3000 series concentrators prior to version 2.5.2(F). An attacker can trigger a denial-of-service by flooding SSL or telnet login services with invalid login attempts, exploiting improper disconnect behavior after repeated failures. Impact is network-based...

CVE-2001-0427

Cisco VPN 3000 series concentrators before 2.5.2F allow remote attackers to cause a denial of service via a flood of invalid login requests to 1 the SSL service, or 2 the telnet service, which do not properly disconnect the user after several failed login attempts...

CVE-2001-1176

Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection...