17 matches found
EUVD-2000-0063
Malware in sbrugna...
EUVD-2004-2612
Malware in sbrugna...
EUVD-2005-2580
Malware in sbrugna...
EUVD-2000-0062
Malware in sbrugna...
Nortel Contivity Extranet/VPN Switches Default Password (deprecated)
Binary data 4882.prm...
CVE-2004-2621
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle MITM attack...
FW: Updated Version & Exploit - Privilege escalation in Nortel Contivity VPN Client V05_01.030
Updated to add additional version & exploit details. Reps to Crime Dog Vulnerable Versions: Nortel Contivity VPN Client V0501.100 Patches/Workarounds: Good question Exploit: 1. With the Contivity client open click go into "Group Authentication Options" 2. Select "Challenge Response Token" options...
Nortel Contivity VPN Client privilege escalation
File open dialog exllows to execute file with LocalSystem privileges...
ContivitySystem.txt
Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...
Privilege escalation in Nortel Contivity VPN Client V05_01.030
Summary: Privilege escalation in Nortel Contivity VPN Client V0501.030 http://www.nortel.com Details: The Contivity VPN Client is a Windows application that lets you define and store connection information for accessing your corporate network through a Contivity Secure IP Services Gateway. When t...
CVE-2004-2621
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle MITM attack...
Nortel Contivity VPN information leak
Messages for wrong username and wrong password are different...
CVE-2000-0064
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...
CVE-2000-0063
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...
Nortel Contivity HTTP Server cgiproc Special Character DoS
It is possible to crash the remote host by doing the HTTP request : GET /cgi/cgiproc?$ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10160; scriptversion"1.39"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/29"; scriptcveid"CVE-2000-0064";...
CVE-2000-0064
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters...
CVE-2000-0063
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script...