Vulnerabilities > CVE-2007-6098 - Multiple vulnerability in Ingate Firewall And SIParator

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

ingate

NVD

Published: 2007-11-22

Updated: 2008-11-15

Summary

Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.

Vulnerable Configurations

Part	Description	Count
Hardware	Ingate Ingate Ingate Firewall * Ingate Ingate Siparator *	2

References

http://www.ingate.com/relnote-460.php
http://www.securityfocus.com/bid/26486