Vulnerabilities > CVE-2004-1105 - Unspecified vulnerability in Nortel Contivity 4.91

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

nortel

NVD

Published: 2005-01-10

Updated: 2017-07-11

Summary

Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.

Vulnerable Configurations

Part	Description	Count
Hardware	Nortel Nortel Contivity 4.91	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-11/0291.html
http://www.kb.cert.org/vuls/id/830214
http://www.kb.cert.org/vuls/id/CRDY-626N7F
http://www.nii.co.in/vuln/contivity.html
http://www.securityfocus.com/bid/11623
https://exchange.xforce.ibmcloud.com/vulnerabilities/17988