Lucene search
K

36 matches found

Packet Storm
Packet Storm
added 2005/08/11 12:0 a.m.33 views

ContivitySystem.txt

Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...

7.4AI score
Exploits0
CVE
CVE
added 2005/06/01 4:0 a.m.45 views

CVE-2005-1802

Nortel VPN Router (also known as Contivity) is affected by CVE-2005-1802. A remote attacker can cause a denial of service (crash) by sending an IPsec IKE packet with a malformed ISAKMP header. The available documents identify the vulnerable component as the IPsec/IKE handling, but do not provide ...

5CVSS7AI score0.01591EPSS
Exploits0References4Affected Software9
securityvulns
securityvulns
added 2005/03/22 12:0 a.m.44 views

Nortel VPN Client Issue: Clear-text password stored in memory

Nortel VPN Client Issue: Clear-text password stored in memory Summary: NTA Monitor have discovered a password disclosure issue in the Nortel Windows VPN client: The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in...

7.1AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.16 views

CVE-2004-2621

Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle MITM attack...

4CVSS6.6AI score0.00746EPSS
Exploits0References6
Cvelist
Cvelist
added 2004/12/01 5:0 a.m.14 views

CVE-2004-1105

Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information...

6.8AI score0.02043EPSS
Exploits0References6
CVE
CVE
added 2004/12/01 5:0 a.m.44 views

CVE-2004-1105

The CVE-2004-1105 entry concerns Nortel Networks Contivity VPN Client, where the authentication error message varies depending on whether the username is valid, leading to partial information disclosure over a network. The NVD entry documents a Network-level vulnerability with a base score of 5.0...

5CVSS7.2AI score0.02043EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2004/11/11 12:0 a.m.29 views

Nortel Networks Contivity VPN Client information leakage vulnerability

Name: User Account Enumeration in Nortel Contivity VPN Vendor: Nortel Networks Products Affected: Nortel Networks Contivity VPN Client Type: Remote User Account Enumeration Severity: Medium I. Overview The Nortel Networks Contivity VPN Client authentication error message provides more information...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2004/11/11 12:0 a.m.72 views

Nortel Contivity VPN information leak

Messages for wrong username and wrong password are different...

1.3AI score
Exploits0References1Affected Software1
CERT
CERT
added 2004/11/08 12:0 a.m.17 views

Nortel Networks Contivity VPN Client information leakage vulnerability

Overview The Nortel Networks Contivity VPN Client authentication error message provide additional information that may be useful to an attacker. Description The Nortel Networks Contivity VPN Client software provides an encrypted and authenticated VPN connection from a client system to a Nortel...

6.7AI score
Exploits0References1
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.19 views

CVE-2000-0064

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...

6.6AI score0.01302EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.26 views

CVE-2000-0063

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...

6.7AI score0.01359EPSS
Exploits0References1
CVE
CVE
added 2000/10/13 4:0 a.m.80 views

CVE-2000-0064

The CVE-2000-0064 issue affects Nortel Contivity HTTP Server, specifically the cgiproc CGI script. The underlying problem is a vulnerability in cgiproc where a malformed URL containing shell metacharacters can crash the remote host, causing a denial of service. Affected component: cgiproc CGI scr...

5CVSS6.6AI score0.01302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2000/10/13 4:0 a.m.141 views

CVE-2000-0063

CVE-2000-0063 affects the Nortel Contivity HTTP server via the cgiproc CGI script, which allows remote attackers to read arbitrary files by passing a filename parameter. This points to an uncontrolled file access flaw in the CGI handler, enabling partial confidentiality impact. The available docu...

5CVSS7.1AI score0.01359EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2000/01/20 12:0 a.m.324 views

Nortel Contivity HTTP Server cgiproc Special Character DoS

It is possible to crash the remote host by doing the HTTP request : GET /cgi/cgiproc?$ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10160; scriptversion"1.39"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29"; scriptcveid"CVE-2000-0064";...

5CVSS7AI score0.01302EPSS
Exploits0References3
NVD
NVD
added 2000/01/17 5:0 a.m.21 views

CVE-2000-0064

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...

5CVSS6.6AI score0.01302EPSS
Exploits0References2
NVD
NVD
added 2000/01/17 5:0 a.m.23 views

CVE-2000-0063

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...

5CVSS6.7AI score0.01359EPSS
Exploits0References1
Rows per page
Query Builder