Vulnerabilities > Nortel > Contivity > Medium

DATE CVE VULNERABILITY TITLE RISK
2005-05-27 CVE-2005-1802 Products Remote Denial of Service vulnerability in Nortel Networks
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
network
low complexity
nortel
5.0
2005-05-02 CVE-2005-0844 Cryptographic Issues vulnerability in Nortel Contivity 5.01
Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, which could allow local users to obtain sensitive information.
local
low complexity
nortel CWE-310
4.6
2005-01-10 CVE-2004-1105 Unspecified vulnerability in Nortel Contivity 4.91
Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information.
network
low complexity
nortel
5.0
2004-12-31 CVE-2004-2621 Unspecified vulnerability in Nortel Contivity
Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.
network
high complexity
nortel
4.0
2000-01-17 CVE-2000-0064 Unspecified vulnerability in Nortel Contivity 1.0
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
network
low complexity
nortel
5.0
2000-01-17 CVE-2000-0063 Unspecified vulnerability in Nortel Contivity 1.0
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
network
low complexity
nortel
5.0