Page 3 of 15 results (0.008 seconds)

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. Ingate Firewall y SIParator anterior a 4.5.2 permite a atacantes remotos evitar la validación SIP a través de ciertos parámetros maddr. • http://osvdb.org/36708 http://secunia.com/advisories/25420 http://www.ingate.com/relnote-452.php http://www.vupen.com/english/advisories/2007/1973 https://exchange.xforce.ibmcloud.com/vulnerabilities/34887 • CWE-287: Improper Authentication •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality. • http://secunia.com/advisories/20479 http://securitytracker.com/id?1016244 http://securitytracker.com/id?1016245 http://www.ingate.com/relnote-441.php http://www.vupen.com/english/advisories/2006/2183 https://exchange.xforce.ibmcloud.com/vulnerabilities/26978 •

CVSS: 5.0EPSS: 3%CPEs: 4EXPL: 0

Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake. • http://secunia.com/advisories/20479 http://securitytracker.com/id?1016244 http://securitytracker.com/id?1016245 http://www.ingate.com/relnote-441.php http://www.securityfocus.com/bid/18318 http://www.vupen.com/english/advisories/2006/2183 https://exchange.xforce.ibmcloud.com/vulnerabilities/26977 •

CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0

Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response. • http://secunia.com/advisories/18138 http://www.ingate.com/relnote-434.php http://www.securityfocus.com/bid/16023 http://www.vupen.com/english/advisories/2005/3011 •

CVSS: 4.6EPSS: 1%CPEs: 4EXPL: 0

Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources. • http://marc.info/?l=bugtraq&m=110684375429946&w=2 http://secunia.com/advisories/14060 http://securitytracker.com/id?1013022 http://www.ingate.com/relnote-422.php http://www.securityfocus.com/bid/12383 https://exchange.xforce.ibmcloud.com/vulnerabilities/19123 •