Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NortelContivity

9 matches found

CVE
CVEadded 2000/10/13 4:0 a.m.128 views

CVE-2000-0063

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.

5CVSS7.1AI score0.00647EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.67 views

CVE-2000-0064

cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.

5CVSS6.6AI score0.00655EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.41 views

CVE-2005-0844

Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.

4.6CVSS6.7AI score0.00108EPSS
CVE
CVEadded 2007/04/27 4:19 p.m.37 views

CVE-2007-2333

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network.

10CVSS6.7AI score0.02414EPSS
CVE
CVEadded 2005/06/01 4:0 a.m.34 views

CVE-2005-1802

Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.

5CVSS7AI score0.00763EPSS
CVE
CVEadded 2005/08/16 4:0 a.m.33 views

CVE-2005-2579

Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.

7.2CVSS6.9AI score0.00026EPSS
CVE
CVEadded 2007/04/27 4:19 p.m.33 views

CVE-2007-2334

Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via...

7.5CVSS6.6AI score0.0111EPSS
CVE
CVEadded 2005/01/10 5:0 a.m.32 views

CVE-2004-1105

Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.

5CVSS7.2AI score0.04467EPSS
CVE
CVEadded 2005/12/04 10:0 p.m.32 views

CVE-2004-2621

Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.

4CVSS7AI score0.00321EPSS