Vulnerabilities > Nortel > Contivity > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-27 | CVE-2005-1802 | Products Remote Denial of Service vulnerability in Nortel Networks Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. | 5.0 |
| 2005-05-02 | CVE-2005-0844 | Cryptographic Issues vulnerability in Nortel Contivity 5.01 Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information. | 4.6 |
| 2005-01-10 | CVE-2004-1105 | Unspecified vulnerability in Nortel Contivity 4.91 Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. | 5.0 |
| 2004-12-31 | CVE-2004-2621 | Unspecified vulnerability in Nortel Contivity Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack. | 4.0 |
| 2000-01-17 | CVE-2000-0064 | Unspecified vulnerability in Nortel Contivity 1.0 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | 5.0 |
| 2000-01-17 | CVE-2000-0063 | Unspecified vulnerability in Nortel Contivity 1.0 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | 5.0 |