Lucene search
+L
NortelContivity

9 matches found

CVE
CVE
added 2000/10/13 4:0 a.m.142 views

CVE-2000-0063

CVE-2000-0063 affects the Nortel Contivity HTTP server via the cgiproc CGI script, which allows remote attackers to read arbitrary files by passing a filename parameter. This points to an uncontrolled file access flaw in the CGI handler, enabling partial confidentiality impact. The available docu...

5CVSS7.1AI score0.01359EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.81 views

CVE-2000-0064

The CVE-2000-0064 issue affects Nortel Contivity HTTP Server, specifically the cgiproc CGI script. The underlying problem is a vulnerability in cgiproc where a malformed URL containing shell metacharacters can crash the remote host, causing a denial of service. Affected component: cgiproc CGI scr...

5CVSS6.6AI score0.01302EPSS
CVE
CVE
added 2005/03/24 5:0 a.m.54 views

CVE-2005-0844

CVE-2005-0844 affects Nortel VPN client 5.01, where the cleartext password is stored in the memory of the Extranet.exe process, allowing a local user to access sensitive information. The root cause is insecure in‑memory handling of credentials in Extranet.exe, with a local attack vector and parti...

4.6CVSS6.7AI score0.00437EPSS
CVE
CVE
added 2007/04/27 4:0 p.m.52 views

CVE-2007-2333

CVE-2007-2333 affects Nortel VPN Router (Contivity) models 1000, 2000, 4000, and 5000, with specific firmware ranges: before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140. The vulnerability involves default LDAP template accounts FIPSecryptedtest1219 and FIPSunecryptedtest1219, whic...

10CVSS6.7AI score0.02566EPSS
CVE
CVE
added 2005/06/01 4:0 a.m.46 views

CVE-2005-1802

Nortel VPN Router (also known as Contivity) is affected by CVE-2005-1802. A remote attacker can cause a denial of service (crash) by sending an IPsec IKE packet with a malformed ISAKMP header. The available documents identify the vulnerable component as the IPsec/IKE handling, but do not provide ...

5CVSS7AI score0.01591EPSS
CVE
CVE
added 2007/04/27 4:0 p.m.46 views

CVE-2007-2334

The CVE-2007-2334 issue affects Nortel VPN Router (Contivity) 1000/2000/4000/5000 prior to specific firmware revisions: 5_05.149, 5_05.304 for 5_05.x line, and 6.x prior to 6_05.140. The vulnerability arises from two template HTML files that lack certain verification tags, enabling remote attacke...

7.5CVSS6.6AI score0.01609EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.45 views

CVE-2005-2579

CVE-2005-2579 affects Nortel Contivity VPN Client (V05_01.030). The issue is that when configuring a certificate for authentication, the process does not properly drop system privileges, enabling local users to gain privileges by launching a program via the File Open dialog box. Documented impact...

7.2CVSS6.9AI score0.00292EPSS
CVE
CVE
added 2004/12/01 5:0 a.m.44 views

CVE-2004-1105

The CVE-2004-1105 entry concerns Nortel Networks Contivity VPN Client, where the authentication error message varies depending on whether the username is valid, leading to partial information disclosure over a network. The NVD entry documents a Network-level vulnerability with a base score of 5.0...

5CVSS7.2AI score0.02043EPSS
CVE
CVE
added 2005/12/04 10:0 p.m.43 views

CVE-2004-2621

CVE-2004-2621 relates to the Nortel Contivity VPN Client. The provided sources indicate that, for versions 2.1.7, 3.00, 3.01, 4.91, and 5.01, a race condition occurs when opening a VPN tunnel: the gateway certificate is not checked until after a user-facing dialog is shown, which could allow a re...

4CVSS7AI score0.00746EPSS