Page 2 of 12 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 252EXPL: 0

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://docs.info.apple.com/article.html?artnum=61798 http://fedoranews.org/updates/FEDORA-2004-095.shtml http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http&# • CWE-476: NULL Pointer Dereference •

CVSS: 10.0EPSS: 6%CPEs: 12EXPL: 0

Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an ISAKMP packet with a large Certificate Request packet. Desbordamiento de búfer basado en la pila en Checkpoint VPN-1 Server 4.1 a 4.1 SP6 y Checkpoint SecuRemote/SecureClient 4.1 a 4.1 compilación 4200 pemite a atacantes remotos ejecutar código arbitrario mediante un paquete ISAKMP con un paquete de Petición de Certificado muy grande. • http://marc.info/?l=bugtraq&m=107604682227031&w=2 http://www.ciac.org/ciac/bulletins/o-073.shtml http://www.kb.cert.org/vuls/id/873334 http://www.osvdb.org/3821 http://www.osvdb.org/4432 http://www.securityfocus.com/bid/9582 http://xforce.iss.net/xforce/alerts/id/163 https://exchange.xforce.ibmcloud.com/vulnerabilities/14150 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 2

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. • http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html http://marc.info/?l=bugtraq&m=103124812629621&w=2 http://marc.info/?l=bugtraq&m=103176164729351&w=2 http://www.checkpoint.com/techsupport/alerts/ike.html http://www.kb.cert.org/vuls/id/886601 http://www.nta-monitor.com/news/checkpoint.htm http://www.securiteam.com/securitynews/5TP040U8AW.html http://www.securityfocus.com/archive/1/290202 http://www.securityfocus.com/bid/5607 https://exchang •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 1

Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. • http://online.securityfocus.com/archive/1/260662 http://www.iss.net/security_center/static/8423.php http://www.securityfocus.com/bid/4253 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks. • http://www.osvdb.org/20210 http://www.securityfocus.com/archive/1/222366 http://www.securityfocus.com/archive/1/222479 http://www.securityfocus.com/bid/3470 https://exchange.xforce.ibmcloud.com/vulnerabilities/7343 •