9 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earlier, allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server. • http://www.kb.cert.org/vuls/id/328867 http://www.kb.cert.org/vuls/id/AAMN-5EQR65 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 1

Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110. • http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0012.html http://www.iss.net/security_center/static/9509.php http://www.securityfocus.com/bid/5186 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0139.html http://www.iss.net/security_center/static/9511.php •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

Watchguard SOHO firewall before 5.0.35 allows remote attackers to cause a denial of service (crash and reboot) when SOHO forwards a packet with bad IP options. Watchguard SOHO firewall anteriores 5.0.35 permite a atacantes remotos provocar la Denegación de Servicios (caida y reinicio), cuando SOHO envía un paquete con las opciones IP erróneas. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0006.html http://online.securityfocus.com/archive/1/266380 http://www.iss.net/security_center/static/8774.php http://www.securityfocus.com/bid/4447 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0009.html http://online.securityfocus.com/archive/1/266948 http://www.iss.net/security_center/static/8814.php http://www.securityfocus.com/bid/4491 •