Qbik

Wingate

14 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-13866

  • EPSS 0.22%
  • Published 08.06.2020 16:15:10
  • Last modified 21.11.2024 05:02:02

WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.

5.4

CVE-2009-0802

  • EPSS 0.11%
  • Published 04.03.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possib...

6.5

CVE-2008-3606

Exploit
  • EPSS 14.21%
  • Published 12.08.2008 19:41:00
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command. NO...

5

CVE-2007-4335

  • EPSS 2.28%
  • Published 14.08.2007 18:17:00
  • Last modified 09.04.2025 00:30:58

Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash ...

5

CVE-2006-4518

  • EPSS 1.22%
  • Published 28.11.2006 23:28:00
  • Last modified 09.04.2025 00:30:58

Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop.

5.5

CVE-2006-2917

  • EPSS 1.72%
  • Published 10.07.2006 19:05:00
  • Last modified 03.04.2025 01:03:51

Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on dire...

7.5

CVE-2006-2926

Exploit
  • EPSS 84.82%
  • Published 09.06.2006 10:02:00
  • Last modified 03.04.2025 01:03:51

Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.

5

CVE-2004-0789

  • EPSS 1.96%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to ca...

5

CVE-2004-0577

  • EPSS 0.39%
  • Published 06.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.

5

CVE-2004-0578

  • EPSS 0.76%
  • Published 06.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.