36 matches found
EUVD-2004-2612
Malware in sbrugna...
EUVD-2004-1103
Malware in sbrugna...
EUVD-2000-0062
Malware in sbrugna...
EUVD-2000-0063
Malware in sbrugna...
EUVD-2005-2580
Malware in sbrugna...
BlackBerry附件服务PDF处理器多个未明安全漏洞
Bugraq ID: 35102 CNCAN ID:CNCAN-2009052702 BlackBerry企业服务器的BlackBerry附件服务组件处理恶意PDF文件时存在多个安全问题,远程攻击者可以利用漏洞以应用服务进程权限执行任意指令,或导致拒绝服务攻击。 攻击者可以通过发送包含特殊构建的PDF文件的EMAIL消息来触发,目前没有详细漏洞细节提供。 Symantec Clientless VPN Gateway 4400 Series 4.0 SP3 Symantec Clientless VPN Gateway 4400 Series 4.0 SP2 Symantec...
Nortel Contivity Extranet/VPN Switches Default Password (deprecated)
Binary data 4882.prm...
CVE-2007-2332
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 605.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store...
CVE-2007-2332
The CVE-2007-2332 issue affects Nortel VPN Router (Contivity) models 1000/2000/4000/5000 prior to 6_05.140. The underlying weakness is a fixed DES key used to encrypt passwords, enabling remote authenticated users to brute-force a password from the LDAP store. Impact is credential exposure for pa...
CVE-2007-2334
The CVE-2007-2334 issue affects Nortel VPN Router (Contivity) 1000/2000/4000/5000 prior to specific firmware revisions: 5_05.149, 5_05.304 for 5_05.x line, and 6.x prior to 6_05.140. The vulnerability arises from two template HTML files that lack certain verification tags, enabling remote attacke...
CVE-2007-2333
CVE-2007-2333 affects Nortel VPN Router (Contivity) models 1000, 2000, 4000, and 5000, with specific firmware ranges: before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140. The vulnerability involves default LDAP template accounts FIPSecryptedtest1219 and FIPSunecryptedtest1219, whic...
CVE-2007-2333
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network...
Nortel Contivity VPN Detection
Binary data 3572.prm...
CVE-2004-2621
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle MITM attack...
CVE-2004-2621
CVE-2004-2621 relates to the Nortel Contivity VPN Client. The provided sources indicate that, for versions 2.1.7, 3.00, 3.01, 4.91, and 5.01, a race condition occurs when opening a VPN tunnel: the gateway certificate is not checked until after a user-facing dialog is shown, which could allow a re...
CVE-2005-2579
Nortel Contivity VPN Client V0501.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box...
CVE-2005-2579
CVE-2005-2579 affects Nortel Contivity VPN Client (V05_01.030). The issue is that when configuring a certificate for authentication, the process does not properly drop system privileges, enabling local users to gain privileges by launching a program via the File Open dialog box. Documented impact...
Nortel Contivity VPN Client privilege escalation
File open dialog exllows to execute file with LocalSystem privileges...
FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030
Updated to add additional version & exploit details. Reps to Crime Dog Vulnerable Versions: Nortel Contivity VPN Client V0501.100 Patches/Workarounds: Good question Exploit: 1. With the Contivity client open click go into "Group Authentication Options" 2. Select "Challenge Response Token" options...
ContivitySystem.txt
Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...