CVSS: 1.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-3551
https://notcve.org/view.php?id=CVE-2006-3551
NCP Secure Enterprise Client (aka VPN/PKI client) 8.30 Build 59, and possibly earlier versions, when the Link Firewall and Personal Firewall are both configured to block all inbound and outbound network traffic, allows context-dependent attackers to send inbound UDP traffic with source port 67 and destination port 68, and outbound UDP traffic with source port 68 and destination port 67. NCP Secure Enterprise Client (también conocido como VPN/PKI client) 8.30 Build 59, y posiblemente anteriores versiones, cuando cuando el cortafuegos de enlace y el personal (Link FireWall y Personal FireWall) son ambos configurados para bloquear todo el tráfico de red de entrada y salida, permite a atacantes dependientes del contexto enviar tráfico UDP de entrada con un puerto fuente 67 y un puerto de destino 68, y tráfico de salida UDP con un puerto fuente 68 y puerto de destino 67. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047547.html https://exchange.xforce.ibmcloud.com/vulnerabilities/27484 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0965
https://notcve.org/view.php?id=CVE-2006-0965
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass security protections and configure privileged options via a long argument to ncpmon.exe, which provides access to alternate privileged menus, possibly due to a buffer overflow. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042640.html http://secunia.com/advisories/19082 http://www.securityfocus.com/archive/1/426480/100/0/threaded http://www.securityfocus.com/bid/16906 https://exchange.xforce.ibmcloud.com/vulnerabilities/25243 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0967
https://notcve.org/view.php?id=CVE-2006-0967
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (memory usage and cpu utilization) via a flood of arbitrary UDP datagrams to ports 0 to 65000. NOTE: this issue was reported as a buffer overflow, but that term usually does not apply in flooding attacks. NCP Network Communication Secure Client 8.11 Build 146 y posiblemente otras versiones, permite a usuarios locales provocar una denegación de servicio (uso de memoria y utilización de cpu) a través de una inundación de datagramas UDP arbitrarios de los puertos 0 a 65000. NOTA: este caso fue reportado como un desbordamiento de buffer, pero ese término no se aplica por lo general en ataques de inundación. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042640.html http://secunia.com/advisories/19082 http://www.securityfocus.com/archive/1/426480/100/0/threaded http://www.securityfocus.com/bid/16906 https://exchange.xforce.ibmcloud.com/vulnerabilities/25249 • CWE-399: Resource Management Errors •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0966
https://notcve.org/view.php?id=CVE-2006-0966
NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a large number of arguments to ncprwsnt.exe, possibly due to a buffer overflow. NCP Network Communication Secure Client 8.11 Build 146 y posiblemente otras versiones, permite a usuarios locales provocar una denegación de servicio (consumo de CPU) a través de un número grande de argumentos para ncprwsnt.exe, posiblemente debido a un desbordamiento de buffer. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042640.html http://secunia.com/advisories/19082 http://www.securityfocus.com/archive/1/426480/100/0/threaded http://www.securityfocus.com/bid/16906 https://exchange.xforce.ibmcloud.com/vulnerabilities/25248 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0968
https://notcve.org/view.php?id=CVE-2006-0968
The ncprwsnt service in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to execute arbitrary code by modifying the connect.bat script, which is automatically executed by the service after a connection is established. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042640.html http://secunia.com/advisories/19082 http://securityreason.com/securityalert/524 http://www.securityfocus.com/archive/1/426480/100/0/threaded http://www.securityfocus.com/bid/16906 https://exchange.xforce.ibmcloud.com/vulnerabilities/25251 •