Vulnerabilities > CVE-2005-0311 - Unspecified vulnerability in Ingate Firewall

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

ingate

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.

Vulnerable Configurations

Part	Description	Count
Hardware	Ingate Ingate Ingate Firewall 3.2 Ingate Ingate Firewall 3.2.1 Ingate Ingate Firewall 3.3.1 Ingate Ingate Firewall 4.1.3	4

References

http://marc.info/?l=bugtraq&m=110684375429946&w=2
http://secunia.com/advisories/14060
http://securitytracker.com/id?1013022
http://www.ingate.com/relnote-422.php
http://www.securityfocus.com/bid/12383
https://exchange.xforce.ibmcloud.com/vulnerabilities/19123