36 matches found
ContivitySystem.txt
Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...
CVE-2005-1802
Nortel VPN Router (also known as Contivity) is affected by CVE-2005-1802. A remote attacker can cause a denial of service (crash) by sending an IPsec IKE packet with a malformed ISAKMP header. The available documents identify the vulnerable component as the IPsec/IKE handling, but do not provide ...
Nortel VPN Client Issue: Clear-text password stored in memory
Nortel VPN Client Issue: Clear-text password stored in memory Summary: NTA Monitor have discovered a password disclosure issue in the Nortel Windows VPN client: The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in...
CVE-2004-2621
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle MITM attack...
CVE-2004-1105
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information...
CVE-2004-1105
The CVE-2004-1105 entry concerns Nortel Networks Contivity VPN Client, where the authentication error message varies depending on whether the username is valid, leading to partial information disclosure over a network. The NVD entry documents a Network-level vulnerability with a base score of 5.0...
Nortel Networks Contivity VPN Client information leakage vulnerability
Name: User Account Enumeration in Nortel Contivity VPN Vendor: Nortel Networks Products Affected: Nortel Networks Contivity VPN Client Type: Remote User Account Enumeration Severity: Medium I. Overview The Nortel Networks Contivity VPN Client authentication error message provides more information...
Nortel Contivity VPN information leak
Messages for wrong username and wrong password are different...
Nortel Networks Contivity VPN Client information leakage vulnerability
Overview The Nortel Networks Contivity VPN Client authentication error message provide additional information that may be useful to an attacker. Description The Nortel Networks Contivity VPN Client software provides an encrypted and authenticated VPN connection from a client system to a Nortel...
CVE-2000-0064
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...
CVE-2000-0063
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...
CVE-2000-0064
The CVE-2000-0064 issue affects Nortel Contivity HTTP Server, specifically the cgiproc CGI script. The underlying problem is a vulnerability in cgiproc where a malformed URL containing shell metacharacters can crash the remote host, causing a denial of service. Affected component: cgiproc CGI scr...
CVE-2000-0063
CVE-2000-0063 affects the Nortel Contivity HTTP server via the cgiproc CGI script, which allows remote attackers to read arbitrary files by passing a filename parameter. This points to an uncontrolled file access flaw in the CGI handler, enabling partial confidentiality impact. The available docu...
Nortel Contivity HTTP Server cgiproc Special Character DoS
It is possible to crash the remote host by doing the HTTP request : GET /cgi/cgiproc?$ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10160; scriptversion"1.39"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29"; scriptcveid"CVE-2000-0064";...
CVE-2000-0064
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...
CVE-2000-0063
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...