CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2006-2917
https://notcve.org/view.php?id=CVE-2006-2917
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands. Vulnerabilidad de salto de directorio en el servidor IMAP en WinGate 6.1.2.1094 y 6.1.3.1096, y posiblemente otras versiones anteriores a 6.1.4 Build 1099, permite a usuarios autenticados leer el correo de otros usuarios, o realizar operaciones no autorizadas en los directorios, a través de las ordenes 1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, y (7) LIST. • http://secunia.com/advisories/20707 http://secunia.com/secunia_research/2006-48/advisory http://www.securityfocus.com/bid/18908 http://www.vupen.com/english/advisories/2006/2730 http://www.wingate.com/download.php •
CVSS: 7.5EPSS: 92%CPEs: 1EXPL: 3CVE-2006-2926 – QBik WinGate WWW Proxy Server - URL Processing Overflow
https://notcve.org/view.php?id=CVE-2006-2926
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request. • https://www.exploit-db.com/exploits/16690 https://www.exploit-db.com/exploits/1885 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html http://secunia.com/advisories/20483 http://securitytracker.com/id?1016239 http://www.securityfocus.com/bid/18312 http://www.vupen.com/english/advisories/2006/2182 https://exchange.xforce.ibmcloud.com/vulnerabilities/26970 •
CVSS: 5.0EPSS: 1%CPEs: 98EXPL: 0CVE-2004-0789
https://notcve.org/view.php?id=CVE-2004-0789
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. • http://secunia.com/advisories/13145 http://securitytracker.com/id?1012157 http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf http://www.posadis.org/advisories/pos_adv_006.txt http://www.securityfocus.com/bid/11642 https://exchange.xforce.ibmcloud.com/vulnerabilities/17997 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-0577
https://notcve.org/view.php?id=CVE-2004-0577
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory. Wingate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como la 5.0.5, permite a atacantes remotos leer ficheros arbitraios del directorio raíz mediante un petición URL al directorio wingate-internal. • http://marc.info/?l=full-disclosure&m=108872788123695&w=2 http://www.idefense.com/application/poi/display?id=113 https://exchange.xforce.ibmcloud.com/vulnerabilities/16589 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-0578
https://notcve.org/view.php?id=CVE-2004-0578
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory. WinGate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como 5.0.5 permiten a atacantes remotos leer ficheros arbitrarios mediante caractéres barra (//) en el principio de una petición URL al directorio wingate-internal. • http://marc.info/?l=full-disclosure&m=108872788123695&w=2 http://www.idefense.com/application/poi/display?id=113 https://exchange.xforce.ibmcloud.com/vulnerabilities/16589 •