Vulnerabilities > Entrust

DATE CVE VULNERABILITY TITLE RISK
2007-08-29 CVE-2007-4594 Credentials Management vulnerability in Entrust Entelligence Security Provider 8
Entrust Entelligence Security Provider (ESP) 8 does not properly validate certificates in certain circumstances involving (1) a chain that omits the root Certification Authority (CA) certificate, or an application that specifies disregarding (2) unknown revocation statuses during path validation or (3) certain errors in the certification path, which might allow context-dependent attackers to spoof certificate authentication.
network
low complexity
entrust CWE-255
6.4
2004-12-31 CVE-2004-0369 Remote IPsec/ISAKMP Buffer Overflow vulnerability in Entrust LibKMP ISAKMP Library
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
network
low complexity
entrust symantec
7.5
2004-02-03 CVE-2002-0712 Authorization Circumvention vulnerability in Entrust Authority Security Manager 5.0/6.0
Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.
local
low complexity
entrust
2.1
2001-12-06 CVE-2001-0853 Unspecified vulnerability in Entrust Getaccess Allversions
Directory traversal vulnerability in Entrust GetAccess allows remote attackers to read arbitrary files via a ..
network
low complexity
entrust
5.0
2001-07-27 CVE-2001-1024 Remote Security vulnerability in GetAccess
login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java programs, and possibly arbitrary commands, by specifying an alternate -classpath argument.
network
low complexity
entrust
7.5