11 matches found
EUVD-2010-4323
Malware in sbrugna...
EUVD-2003-0994
Malware in sbrugna...
EUVD-2025-22125
Malicious code in bioql PyPI...
CVE-2025-44649
In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...
CVE-2025-44649
In the configuration file of racoon in the TRENDnet TEW-WLC100P 2.03b03, the first item of exchagemode is set to aggressive. Aggressive mode in IKE Phase 1 exposes identity information in plaintext, is vulnerable to offline dictionary attacks, and lacks flexibility in negotiating security...
CVE-2025-44649
The CVE-2025-44649 entry affects TRENDnet TEW-WLC100P 2.03b03, where the racoon configuration uses exchage_mode = aggressive in IKE Phase 1. This exposes identity information in plaintext and is vulnerable to offline dictionary attacks, while limiting security-parameter negotiation. CVSS v3.1 bas...
CVE-2010-4354
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device,...
CVE-2010-4354
The CVE covers a vulnerability in Cisco VPN products where remote attackers could enumerate valid VPN group names by sending an IKE Aggressive Mode packet with the group name in the ID field. Affected devices include ASA 5500 series, PIX 500 series, and VPN Concentrators 3000 series. Root cause i...
CVE-2006-3906
Internet Key Exchange IKE version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service resource exhaustion via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that...
CVE-2003-1004
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service dropped IPSec tunnel connection via an IKE Phase I negotiation request to the outside interface of the firewall...
Cisco PIX multiple bugs
SNMPv3 message causes device to reboot. If device is configured as VPN client and another VPN client connects IPSec tunnel may be broken during IKE phase...