Vulnerabilities > Ingate > Ingate Firewall > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-10 | CVE-2008-0960 | Improper Authentication vulnerability in Juniper Session and Resource Control and SRC PE SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte. | 10.0 |
2007-11-22 | CVE-2007-6092 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ingate Firewall and Ingate Siparator Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. | 10.0 |
2007-11-22 | CVE-2007-6097 | Multiple vulnerability in Ingate Firewall And SIParator Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted." | 10.0 |
2007-11-22 | CVE-2007-6099 | Denial-Of-Service vulnerability in Ingate Siparator Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities. | 10.0 |