20 matches found
EUVD-2005-0845
Malware in sbrugna...
EUVD-2007-2328
Malware in sbrugna...
EUVD-2005-1804
Malware in sbrugna...
EUVD-2007-2329
Malware in sbrugna...
EUVD-2007-2327
Malware in sbrugna...
Nortel SSL VPN 4.2.1 .6 Web Interface Input Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15798/info Nortel SSL VPN is prone to an input validation vulnerability. This issue could be exploited to cause arbitrary commands to be executed on a user's computer. Cross-site scripting attacks are also possible. Norte...
CVE-2007-2333
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network...
Design/Logic Flaw
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via...
Default credentials
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 605.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store...
Design/Logic Flaw
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network...
CVE-2007-2333
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network...
CVE-2007-2334
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 505.149, 505.3xx before 505.304, and 6.x before 605.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via...
CVE-2007-2332
Nortel VPN Router aka Contivity 1000, 2000, 4000, and 5000 before 605.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store...
Nortel VPN路由器多个远程非授权访问漏洞
Nortel VPN路由器为IP网络和因特网上的安全连接提供路由、VPN、防火墙、带宽管理、加密、认证和数据完整性功能。 Nortel VPN路由器上配置了两个默认的用户帐号(FIPSecryptedtest1219和FIPSunecryptedtest1219),这些用户帐号存储在了路由器各种隧道类型的默认LDAP,允许攻击者获得对专用网络的非授权访问。 Nortel VPN路由器使用基于Web的设备管理界面。大多数功能仅在管理员授权后才能使用,但通过精心创建的URL攻击者可以未经授权访问一些管理Web页面,控制某些配置设备。 此外Nortel...
nortel-sh.txt
!/bin/sh Nortel SSL VPN Linux Client race condition Jon Hart The Linux client that is utilized by versions priot to 6.05 of the Nortel SSL VPN appliance suffers from a number of problems that, in combination, allow an unprivileged local user to obtain root privileges. This particular bug is as...
Nortel Contivity VPN Detection
Binary data 3572.prm...
CVE-2005-1802
Nortel VPN Router aka Contivity allows remote attackers to cause a denial of service crash via an IPsec IKE packet with a malformed ISAKMP header...
[SA15548] Nortel VPN Routers IKE Packet Handling Denial of Service
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-1802
Nortel VPN Router aka Contivity allows remote attackers to cause a denial of service crash via an IPsec IKE packet with a malformed ISAKMP header...
Nortel VPN Client Issue: Clear-text password stored in memory
Nortel VPN Client Issue: Clear-text password stored in memory Summary: NTA Monitor have discovered a password disclosure issue in the Nortel Windows VPN client: The Nortel client stores the password in an obfuscated form in the Windows registry, but it also stores the unencrypted password in...