Ingate

Ingate Firewall

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2007-6092

  • EPSS 0.39%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

7.1

CVE-2007-6093

  • EPSS 0.62%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected."

4.3

CVE-2007-6094

  • EPSS 0.56%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS).

4

CVE-2007-6095

  • EPSS 0.23%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive message...

5

CVE-2007-6096

  • EPSS 0.34%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors.

10

CVE-2007-6097

  • EPSS 0.34%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."

7.5

CVE-2007-6098

  • EPSS 0.3%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, whic...

10

CVE-2007-6099

  • EPSS 1.07%
  • Veröffentlicht 22.11.2007 00:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities.

4

CVE-2007-3176

  • EPSS 0.27%
  • Veröffentlicht 11.06.2007 22:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.

5

CVE-2007-3177

  • EPSS 0.46%
  • Veröffentlicht 11.06.2007 22:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter.