CVSS: 9.0EPSS: 0%CPEs: 8EXPL: 0CVE-2007-2332
https://notcve.org/view.php?id=CVE-2007-2332
Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store. Nortel VPN Router (también conocido como Contivity) 1000, 2000, 4000, y 5000 anterior a 6_05.140 utiliza una llave DES para encriptar contraseñas, lo cual permite a usuarios remotos validados obtener una contraseña a través de ataques por fuerza bruta sobre un hash desde el LDAP almacenado. • http://secunia.com/advisories/24962 http://www.securityfocus.com/bid/23562 http://www.vupen.com/english/advisories/2007/1464 http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null •
CVSS: 5.0EPSS: 1%CPEs: 17EXPL: 0CVE-2005-1802
https://notcve.org/view.php?id=CVE-2005-1802
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. • http://securitytracker.com/id?1014068 http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos http://www.securityfocus.com/archive/1/399423 http://www.securityfocus.com/bid/13792 •