CVSS: 7.5EPSS: 92%CPEs: 1EXPL: 3CVE-2006-2926 – QBik WinGate WWW Proxy Server - URL Processing Overflow
https://notcve.org/view.php?id=CVE-2006-2926
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request. • https://www.exploit-db.com/exploits/16690 https://www.exploit-db.com/exploits/1885 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046646.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046649.html http://secunia.com/advisories/20483 http://securitytracker.com/id?1016239 http://www.securityfocus.com/bid/18312 http://www.vupen.com/english/advisories/2006/2182 https://exchange.xforce.ibmcloud.com/vulnerabilities/26970 •
CVSS: 5.0EPSS: 1%CPEs: 98EXPL: 0CVE-2004-0789
https://notcve.org/view.php?id=CVE-2004-0789
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. • http://secunia.com/advisories/13145 http://securitytracker.com/id?1012157 http://www.niscc.gov.uk/niscc/docs/al-20041130-00862.html?lang=en http://www.niscc.gov.uk/niscc/docs/re-20041109-00957.pdf http://www.posadis.org/advisories/pos_adv_006.txt http://www.securityfocus.com/bid/11642 https://exchange.xforce.ibmcloud.com/vulnerabilities/17997 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-0577
https://notcve.org/view.php?id=CVE-2004-0577
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory. Wingate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como la 5.0.5, permite a atacantes remotos leer ficheros arbitraios del directorio raíz mediante un petición URL al directorio wingate-internal. • http://marc.info/?l=full-disclosure&m=108872788123695&w=2 http://www.idefense.com/application/poi/display?id=113 https://exchange.xforce.ibmcloud.com/vulnerabilities/16589 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-0578
https://notcve.org/view.php?id=CVE-2004-0578
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory. WinGate 5.2.3 build 901 y 6.0 beta 2 build 942, y otras versiones como 5.0.5 permiten a atacantes remotos leer ficheros arbitrarios mediante caractéres barra (//) en el principio de una petición URL al directorio wingate-internal. • http://marc.info/?l=full-disclosure&m=108872788123695&w=2 http://www.idefense.com/application/poi/display?id=113 https://exchange.xforce.ibmcloud.com/vulnerabilities/16589 •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2000-1048
https://notcve.org/view.php?id=CVE-2000-1048
Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL. • http://archives.neohapsis.com/archives/bugtraq/2000-10/0245.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5373 •