Vulnerabilities > IIJ > Seil B1

DATE CVE VULNERABILITY TITLE RISK
2015-02-28 CVE-2015-0887 Resource Management Errors vulnerability in IIJ products
npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X1 routers 3.50 through 4.70, SEIL/X2 routers 3.50 through 4.70, and SEIL/B1 routers 3.50 through 4.70 allows remote attackers to cause a denial of service (infinite loop and device hang) via a crafted SSTP packet.
network
iij CWE-399
7.1
2014-12-05 CVE-2014-7256 Resource Management Errors vulnerability in IIJ products
The (1) PPP Access Concentrator (PPPAC) and (2) Dial-Up Networking Internet Initiative Japan Inc.
network
low complexity
iij CWE-399
7.8
2014-12-05 CVE-2014-7255 Resource Exhaustion vulnerability in IIJ products
Internet Initiative Japan Inc.
network
low complexity
iij CWE-400
5.0
2014-06-16 CVE-2014-2004 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IIJ products
The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo routers 1.80 through 2.17, and SEIL/neu 2FE Plus routers 1.80 through 2.17 allows remote attackers to cause a denial of service (session termination or concentrator outage) via a crafted TCP packet.
network
low complexity
iij CWE-119
5.0
2013-10-01 CVE-2013-4708 Cryptographic Issues vulnerability in IIJ products
The PPP Access Concentrator (PPPAC) in Internet Initiative Japan Inc.
network
high complexity
iij CWE-310
4.0
2013-09-20 CVE-2013-4709 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IIJ products
Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before 4.32, SEIL/Turbo with firmware before 2.16, and SEIL/neu 2FE Plus with firmware before 2.16 allows remote attackers to execute arbitrary code via a crafted L2TP message.
network
iij CWE-119
6.8
2011-03-01 CVE-2011-0454 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IIJ products
Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with firmware 1.80 through 2.10 might allow remote attackers to execute arbitrary code via a PPPoE packet.
low complexity
iij CWE-119
8.3
2010-08-30 CVE-2010-2363 Permissions, Privileges, and Access Controls vulnerability in IIJ products
The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 routers with firmware 1.00 through 2.73, when strict mode is used, does not properly drop packets, which might allow remote attackers to bypass intended access restrictions via a spoofed IP address.
network
iij CWE-264
5.8
2009-12-23 CVE-2009-4409 Improper Authentication vulnerability in IIJ Seil/B1
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC) function in Internet Initiative Japan SEIL/B1 firmware 1.00 through 2.52 use the same challenge for each authentication attempt, which allows remote attackers to bypass authentication via a replay attack.
network
high complexity
iij CWE-287
2.6
2009-12-10 CVE-2009-4293 Configuration vulnerability in IIJ products
Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.30 through 2.51, when NAT is enabled, allows remote attackers to cause a denial of service (system restart) via crafted GRE packets.
network
iij CWE-16
7.1