MidnightBSD

Advisories for 4d

CVE-2000-0290 MEDIUM

Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar_http_server 4.0
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
4d webstar 5.2.4
novell edirectory 8.7.1
lite speed_technologies_litespeed_web_server 1.0.1
cisco webns 7.1_0.2.06
stonesoft stonegate 2.0.5
freebsd freebsd 5.2.1
novell edirectory 8.5
cisco ios 12.1(11b)e14
lite speed_technologies_litespeed_web_server 1.3_rc1
lite speed_technologies_litespeed_web_server 1.1.1
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.7a-2
checkpoint firewall-1 next_generation_fp1
stonesoft stonegate 2.2.4
cisco pix_firewall_software 6.0
stonesoft stonegate 2.0.9
openbsd openbsd 3.4
cisco pix_firewall_software 6.2
checkpoint vpn-1 next_generation_fp2
cisco ios 12.2(14)sy1
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.2(3)
vmware gsx_server 2.0
sco openserver 5.0.6
cisco gss_4490_global_site_selector *
cisco threat_response *
cisco css_secure_content_accelerator 1.0
checkpoint firewall-1 next_generation_fp2
stonesoft stonegate 2.0.8
hp wbem a.02.00.01
apple mac_os_x 10.3.3
cisco ios 12.1(11)e
sgi propack 3.0
cisco okena_stormwatch 3.2
4d webstar 5.3
stonesoft stonegate 2.0.6
stonesoft stonegate_vpn_client 1.7
avaya sg5 4.4
stonesoft stonegate 1.7
avaya s8700 r2.0.0
checkpoint vpn-1 vsx_ng_with_application_intelligence
hp wbem a.01.05.08
avaya vsu 5x
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft servercluster 2.5
avaya s8500 r2.0.1
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco pix_firewall_software 6.0(2)
stonesoft stonegate 2.0.7
cisco mds_9000 *
cisco css11000_content_services_switch *
openssl openssl 0.9.7
checkpoint firewall-1 2.0
symantec clientless_vpn_gateway_4400 5.0
securecomputing sidewinder 5.2.0.02
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4)
cisco firewall_services_module 2.1_(0.208)
4d webstar 5.2.2
avaya sg203 4.31.29
cisco call_manager *
securecomputing sidewinder 5.2.0.01
stonesoft stonebeat_securitycluster 2.0
novell edirectory 8.6.2
avaya intuity_audix 5.1.46
stonesoft stonegate 1.7.2
openssl openssl 0.9.6i
freebsd freebsd 4.8
openssl openssl 0.9.6j
neoteris instant_virtual_extranet 3.3
avaya s8300 r2.0.1
stonesoft stonegate 1.6.3
stonesoft stonegate_vpn_client 2.0.8
hp hp-ux 11.23
stonesoft stonebeat_fullcluster 2.5
avaya sg203 4.4
cisco webns 7.10_.0.06s
lite speed_technologies_litespeed_web_server 1.2_rc1
avaya s8700 r2.0.1
stonesoft stonebeat_webcluster 2.5
4d webstar 5.2
neoteris instant_virtual_extranet 3.2
hp aaa_server *
stonesoft stonegate_vpn_client 2.0.9
avaya sg200 4.4
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
cisco ios 12.2sy
stonesoft stonegate 1.5.18
openssl openssl 0.9.6c
vmware gsx_server 3.0_build_7592
stonesoft stonebeat_fullcluster 1_2.0
avaya sg5 4.2
avaya vsu 2000_r2.0.1
cisco webns 6.10_b4
redhat openssl 0.9.6-15
novell edirectory 8.5.12a
bluecoat cacheos_ca_sa 4.1.10
checkpoint vpn-1 next_generation_fp1
stonesoft stonegate 2.1
cisco pix_firewall_software 6.2(2)
cisco firewall_services_module 1.1.2
cisco pix_firewall 6.2.2_.111
redhat linux 8.0
cisco ios 12.2(14)sy
openssl openssl 0.9.6e
lite speed_technologies_litespeed_web_server 1.0.3
cisco gss_4480_global_site_selector *
hp hp-ux 8.05
lite speed_technologies_litespeed_web_server 1.2_rc2
openssl openssl 0.9.7c
cisco application_and_content_networking_software *
avaya sg200 4.31.29
securecomputing sidewinder 5.2
cisco firewall_services_module 1.1.3
cisco ciscoworks_common_management_foundation 2.1
stonesoft stonegate_vpn_client 2.0.7
sco openserver 5.0.7
checkpoint provider-1 4.1
freebsd freebsd 5.1
cisco pix_firewall_software 6.1
stonesoft stonegate 1.7.1
neoteris instant_virtual_extranet 3.0
stonesoft stonegate 1.6.2
cisco pix_firewall_software 6.3(1)
4d webstar 5.2.1
tarantella tarantella_enterprise 3.20
cisco ios 12.1(19)e1
avaya vsu 5000_r2.0.1
vmware gsx_server 2.0.1_build_2129
checkpoint vpn-1 next_generation_fp0
novell edirectory 8.7
stonesoft stonegate 2.0.1
lite speed_technologies_litespeed_web_server 1.2.1
cisco pix_firewall_software 6.0(3)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.7b
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
novell imanager 1.5
cisco ios 12.1(11b)e
avaya sg5 4.3
neoteris instant_virtual_extranet 3.1
openbsd openbsd 3.3
avaya vsu 500
lite speed_technologies_litespeed_web_server 1.1
avaya s8300 r2.0.0
lite speed_technologies_litespeed_web_server 1.3
cisco pix_firewall_software 6.1(1)
tarantella tarantella_enterprise 3.40
avaya sg208 4.4
lite speed_technologies_litespeed_web_server 1.3_rc3
checkpoint firewall-1 *
cisco ciscoworks_common_services 2.2
novell edirectory 8.5.27
stonesoft servercluster 2.5.2
cisco webns 7.1_0.1.02
sgi propack 2.3
avaya vsu 100_r2.0.1
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate 2.2.1
stonesoft stonebeat_fullcluster 3.0
cisco firewall_services_module *
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.3(2)
hp apache-based_web_server 2.0.43.04
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.0.04
cisco pix_firewall_software 6.0(4.101)
freebsd freebsd 5.2
redhat enterprise_linux_desktop 3.0
cisco pix_firewall_software 6.1(3)
hp wbem a.02.00.00
avaya intuity_audix s3400
dell bsafe_ssl-j 3.0.1
stonesoft stonegate 2.0.4
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix s3210
avaya vsu 5
avaya converged_communications_server 2.0
redhat enterprise_linux 3.0
avaya vsu 7500_r2.0.1
lite speed_technologies_litespeed_web_server 1.2.2
cisco content_services_switch_11500 *
sun crypto_accelerator_4000 1.0
cisco secure_content_accelerator 10000
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.5
openssl openssl 0.9.7a
avaya s8500 r2.0.0
lite speed_technologies_litespeed_web_server 1.0.2
cisco pix_firewall_software 6.2(3.100)
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 next_generation_fp0
novell imanager 2.0
sgi propack 2.4
stonesoft stonegate 1.5.17
hp hp-ux 11.11
cisco pix_firewall_software 6.0(1)
4d webstar 5.3.1
4d webstar 5.2.3
openssl openssl 0.9.6g
cisco webns 6.10
bluecoat cacheos_ca_sa 4.1.12
redhat linux 7.2
redhat openssl 0.9.6b-3
bluecoat proxysg *
redhat linux 7.3
dell bsafe_ssl-j 3.1
openssl openssl 0.9.6f
dell bsafe_ssl-j 3.0
stonesoft stonegate_vpn_client 2.0
cisco webns 7.2_0.0.03
4d webstar 4.0
apple mac_os_x_server 10.3.3
cisco access_registrar *
freebsd freebsd 4.9
novell edirectory 8.0
stonesoft stonebeat_fullcluster 1_3.0
cisco pix_firewall_software 6.1(5)
cisco pix_firewall_software 6.3
cisco pix_firewall_software 6.3(3.109)
avaya intuity_audix *
hp hp-ux 11.00
securecomputing sidewinder 5.2.1.02
avaya sg208 *
cisco webns 7.10
stonesoft stonegate 2.2
openssl openssl 0.9.6h
avaya vsu 10000_r2.0.1
openssl openssl 0.9.6k
openssl openssl 0.9.6d
securecomputing sidewinder 5.2.0.03
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
novell edirectory 8.7.1
lite speed_technologies_litespeed_web_server 1.0.1
cisco webns 7.1_0.2.06
stonesoft stonegate 2.0.5
freebsd freebsd 5.2.1
novell edirectory 8.5
cisco ios 12.1(11b)e14
lite speed_technologies_litespeed_web_server 1.3_rc1
lite speed_technologies_litespeed_web_server 1.1.1
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.7a-2
checkpoint firewall-1 next_generation_fp1
stonesoft stonegate 2.2.4
cisco pix_firewall_software 6.0
stonesoft stonegate 2.0.9
openbsd openbsd 3.4
cisco pix_firewall_software 6.2
cisco ios 12.2(14)sy1
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.2(3)
vmware gsx_server 2.0
sco openserver 5.0.6
cisco gss_4490_global_site_selector *
cisco threat_response *
cisco css_secure_content_accelerator 1.0
checkpoint firewall-1 next_generation_fp2
stonesoft stonegate 2.0.8
hp wbem a.02.00.01
checkpoint vpn-1 next_generation
apple mac_os_x 10.3.3
cisco ios 12.1(11)e
sgi propack 3.0
cisco okena_stormwatch 3.2
4d webstar 5.3
stonesoft stonegate 2.0.6
stonesoft stonegate_vpn_client 1.7
avaya sg5 4.4
stonesoft stonegate 1.7
avaya s8700 r2.0.0
checkpoint vpn-1 vsx_ng_with_application_intelligence
hp wbem a.01.05.08
avaya vsu 5x
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft servercluster 2.5
avaya s8500 r2.0.1
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco pix_firewall_software 6.0(2)
stonesoft stonegate 2.0.7
cisco mds_9000 *
cisco css11000_content_services_switch *
openssl openssl 0.9.7
checkpoint firewall-1 2.0
symantec clientless_vpn_gateway_4400 5.0
securecomputing sidewinder 5.2.0.02
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4)
cisco firewall_services_module 2.1_(0.208)
4d webstar 5.2.2
avaya sg203 4.31.29
cisco call_manager *
securecomputing sidewinder 5.2.0.01
stonesoft stonebeat_securitycluster 2.0
novell edirectory 8.6.2
avaya intuity_audix 5.1.46
stonesoft stonegate 1.7.2
openssl openssl 0.9.6i
freebsd freebsd 4.8
openssl openssl 0.9.6j
neoteris instant_virtual_extranet 3.3
avaya s8300 r2.0.1
stonesoft stonegate 1.6.3
stonesoft stonegate_vpn_client 2.0.8
hp hp-ux 11.23
stonesoft stonebeat_fullcluster 2.5
avaya sg203 4.4
cisco webns 7.10_.0.06s
lite speed_technologies_litespeed_web_server 1.2_rc1
avaya s8700 r2.0.1
stonesoft stonebeat_webcluster 2.5
4d webstar 5.2
neoteris instant_virtual_extranet 3.2
hp aaa_server *
stonesoft stonegate_vpn_client 2.0.9
avaya sg200 4.4
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
cisco ios 12.2sy
stonesoft stonegate 1.5.18
openssl openssl 0.9.6c
vmware gsx_server 3.0_build_7592
stonesoft stonebeat_fullcluster 1_2.0
avaya sg5 4.2
avaya vsu 2000_r2.0.1
cisco webns 6.10_b4
redhat openssl 0.9.6-15
novell edirectory 8.5.12a
bluecoat cacheos_ca_sa 4.1.10
checkpoint vpn-1 next_generation_fp1
stonesoft stonegate 2.1
cisco pix_firewall_software 6.2(2)
cisco firewall_services_module 1.1.2
cisco pix_firewall 6.2.2_.111
redhat linux 8.0
cisco ios 12.2(14)sy
openssl openssl 0.9.6e
lite speed_technologies_litespeed_web_server 1.0.3
cisco gss_4480_global_site_selector *
hp hp-ux 8.05
lite speed_technologies_litespeed_web_server 1.2_rc2
openssl openssl 0.9.7c
cisco application_and_content_networking_software *
avaya sg200 4.31.29
securecomputing sidewinder 5.2
cisco firewall_services_module 1.1.3
cisco ciscoworks_common_management_foundation 2.1
stonesoft stonegate_vpn_client 2.0.7
sco openserver 5.0.7
checkpoint provider-1 4.1
freebsd freebsd 5.1
cisco pix_firewall_software 6.1
stonesoft stonegate 1.7.1
neoteris instant_virtual_extranet 3.0
stonesoft stonegate 1.6.2
cisco pix_firewall_software 6.3(1)
4d webstar 5.2.1
tarantella tarantella_enterprise 3.20
cisco ios 12.1(19)e1
avaya vsu 5000_r2.0.1
vmware gsx_server 2.0.1_build_2129
checkpoint vpn-1 next_generation_fp0
novell edirectory 8.7
stonesoft stonegate 2.0.1
lite speed_technologies_litespeed_web_server 1.2.1
cisco pix_firewall_software 6.0(3)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.7b
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
novell imanager 1.5
cisco ios 12.1(11b)e
avaya sg5 4.3
neoteris instant_virtual_extranet 3.1
openbsd openbsd 3.3
avaya vsu 500
lite speed_technologies_litespeed_web_server 1.1
avaya s8300 r2.0.0
lite speed_technologies_litespeed_web_server 1.3
cisco pix_firewall_software 6.1(1)
tarantella tarantella_enterprise 3.40
avaya sg208 4.4
lite speed_technologies_litespeed_web_server 1.3_rc3
checkpoint firewall-1 *
cisco ciscoworks_common_services 2.2
novell edirectory 8.5.27
stonesoft servercluster 2.5.2
cisco webns 7.1_0.1.02
sgi propack 2.3
avaya vsu 100_r2.0.1
stonesoft stonegate_vpn_client 1.7.2
stonesoft stonegate 2.2.1
stonesoft stonebeat_fullcluster 3.0
cisco firewall_services_module *
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.3(2)
hp apache-based_web_server 2.0.43.04
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.0.04
cisco pix_firewall_software 6.0(4.101)
freebsd freebsd 5.2
redhat enterprise_linux_desktop 3.0
cisco pix_firewall_software 6.1(3)
hp wbem a.02.00.00
avaya intuity_audix s3400
dell bsafe_ssl-j 3.0.1
stonesoft stonegate 2.0.4
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix s3210
avaya vsu 5
avaya converged_communications_server 2.0
redhat enterprise_linux 3.0
avaya vsu 7500_r2.0.1
lite speed_technologies_litespeed_web_server 1.2.2
cisco content_services_switch_11500 *
sun crypto_accelerator_4000 1.0
cisco secure_content_accelerator 10000
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.5
openssl openssl 0.9.7a
avaya s8500 r2.0.0
lite speed_technologies_litespeed_web_server 1.0.2
cisco pix_firewall_software 6.2(3.100)
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 next_generation_fp0
novell imanager 2.0
sgi propack 2.4
stonesoft stonegate 1.5.17
hp hp-ux 11.11
cisco pix_firewall_software 6.0(1)
4d webstar 5.3.1
4d webstar 5.2.3
openssl openssl 0.9.6g
cisco webns 6.10
bluecoat cacheos_ca_sa 4.1.12
redhat linux 7.2
redhat openssl 0.9.6b-3
bluecoat proxysg *
redhat linux 7.3
dell bsafe_ssl-j 3.1
openssl openssl 0.9.6f
dell bsafe_ssl-j 3.0
stonesoft stonegate_vpn_client 2.0
cisco webns 7.2_0.0.03
4d webstar 4.0
apple mac_os_x_server 10.3.3
cisco access_registrar *
freebsd freebsd 4.9
novell edirectory 8.0
stonesoft stonebeat_fullcluster 1_3.0
cisco pix_firewall_software 6.1(5)
cisco pix_firewall_software 6.3
cisco pix_firewall_software 6.3(3.109)
avaya intuity_audix *
hp hp-ux 11.00
securecomputing sidewinder 5.2.1.02
avaya sg208 *
cisco webns 7.10
stonesoft stonegate 2.2
openssl openssl 0.9.6h
avaya vsu 10000_r2.0.1
openssl openssl 0.9.6k
openssl openssl 0.9.6d
securecomputing sidewinder 5.2.0.03
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
4d webstar 5.2.4
novell edirectory 8.7.1
cisco webns 7.1_0.2.06
freebsd freebsd 5.2.1
novell edirectory 8.5
cisco ios 12.1(11b)e14
forcepoint stonegate 2.0.4
neoteris instant_virtual_extranet 3.3.1
redhat openssl 0.9.7a-2
checkpoint firewall-1 next_generation_fp1
cisco pix_firewall_software 6.0
forcepoint stonegate 1.7.2
openbsd openbsd 3.4
cisco pix_firewall_software 6.2
checkpoint vpn-1 next_generation_fp2
cisco ios 12.2(14)sy1
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.2(3)
vmware gsx_server 2.0
sco openserver 5.0.6
cisco gss_4490_global_site_selector *
cisco threat_response *
cisco css_secure_content_accelerator 1.0
checkpoint firewall-1 next_generation_fp2
hp wbem a.02.00.01
forcepoint stonegate 1.7
apple mac_os_x 10.3.3
cisco ios 12.1(11)e
sgi propack 3.0
cisco okena_stormwatch 3.2
forcepoint stonegate 2.0.8
4d webstar 5.3
avaya sg5 4.4
avaya s8700 r2.0.0
checkpoint vpn-1 vsx_ng_with_application_intelligence
hp wbem a.01.05.08
avaya vsu 5x
stonesoft servercluster 2.5
avaya s8500 r2.0.1
cisco pix_firewall_software 6.0(2)
cisco mds_9000 *
cisco css11000_content_services_switch *
openssl openssl 0.9.7
checkpoint firewall-1 2.0
symantec clientless_vpn_gateway_4400 5.0
securecomputing sidewinder 5.2.0.02
stonesoft stonebeat_webcluster 2.0
cisco pix_firewall_software 6.0(4)
cisco firewall_services_module 2.1_(0.208)
4d webstar 5.2.2
avaya sg203 4.31.29
cisco call_manager *
securecomputing sidewinder 5.2.0.01
stonesoft stonebeat_securitycluster 2.0
novell edirectory 8.6.2
avaya intuity_audix 5.1.46
openssl openssl 0.9.6i
freebsd freebsd 4.8
openssl openssl 0.9.6j
neoteris instant_virtual_extranet 3.3
avaya s8300 r2.0.1
hp hp-ux 11.23
stonesoft stonebeat_fullcluster 2.5
avaya sg203 4.4
cisco webns 7.10_.0.06s
avaya s8700 r2.0.1
stonesoft stonebeat_webcluster 2.5
4d webstar 5.2
neoteris instant_virtual_extranet 3.2
hp aaa_server *
avaya sg200 4.4
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
cisco ios 12.2sy
openssl openssl 0.9.6c
vmware gsx_server 3.0_build_7592
forcepoint stonegate 2.2.4
stonesoft stonebeat_fullcluster 1_2.0
avaya sg5 4.2
avaya vsu 2000_r2.0.1
cisco webns 6.10_b4
redhat openssl 0.9.6-15
novell edirectory 8.5.12a
bluecoat cacheos_ca_sa 4.1.10
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.2(2)
cisco firewall_services_module 1.1.2
cisco pix_firewall 6.2.2_.111
litespeedtech litespeed_web_server 1.0.1
redhat linux 8.0
forcepoint stonegate 1.6.3
cisco ios 12.2(14)sy
openssl openssl 0.9.6e
cisco gss_4480_global_site_selector *
hp hp-ux 8.05
openssl openssl 0.9.7c
cisco application_and_content_networking_software *
avaya sg200 4.31.29
securecomputing sidewinder 5.2
cisco firewall_services_module 1.1.3
cisco ciscoworks_common_management_foundation 2.1
sco openserver 5.0.7
checkpoint provider-1 4.1
freebsd freebsd 5.1
cisco pix_firewall_software 6.1
neoteris instant_virtual_extranet 3.0
cisco pix_firewall_software 6.3(1)
4d webstar 5.2.1
tarantella tarantella_enterprise 3.20
forcepoint stonegate 2.2
cisco ios 12.1(19)e1
avaya vsu 5000_r2.0.1
vmware gsx_server 2.0.1_build_2129
checkpoint vpn-1 next_generation_fp0
novell edirectory 8.7
forcepoint stonegate 2.0.6
cisco pix_firewall_software 6.0(3)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.7b
cisco pix_firewall_software 6.2(1)
cisco ios 12.2za
tarantella tarantella_enterprise 3.30
cisco firewall_services_module 1.1_(3.005)
novell imanager 1.5
cisco ios 12.1(11b)e
forcepoint stonegate 2.2.1
avaya sg5 4.3
neoteris instant_virtual_extranet 3.1
openbsd openbsd 3.3
avaya vsu 500
avaya s8300 r2.0.0
cisco pix_firewall_software 6.1(1)
tarantella tarantella_enterprise 3.40
avaya sg208 4.4
forcepoint stonegate 1.7.1
checkpoint firewall-1 *
cisco ciscoworks_common_services 2.2
novell edirectory 8.5.27
stonesoft servercluster 2.5.2
cisco webns 7.1_0.1.02
sgi propack 2.3
avaya vsu 100_r2.0.1
stonesoft stonebeat_fullcluster 3.0
cisco firewall_services_module *
cisco css_secure_content_accelerator 2.0
cisco pix_firewall_software 6.3(2)
hp apache-based_web_server 2.0.43.04
hp apache-based_web_server 2.0.43.00
securecomputing sidewinder 5.2.0.04
cisco pix_firewall_software 6.0(4.101)
freebsd freebsd 5.2
redhat enterprise_linux_desktop 3.0
cisco pix_firewall_software 6.1(3)
hp wbem a.02.00.00
avaya intuity_audix s3400
dell bsafe_ssl-j 3.0.1
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix s3210
forcepoint stonegate 2.1
avaya vsu 5
avaya converged_communications_server 2.0
redhat enterprise_linux 3.0
avaya vsu 7500_r2.0.1
cisco content_services_switch_11500 *
sun crypto_accelerator_4000 1.0
cisco secure_content_accelerator 10000
cisco ios 12.1(11b)e12
stonesoft stonebeat_securitycluster 2.5
openssl openssl 0.9.7a
avaya s8500 r2.0.0
forcepoint stonegate 1.6.2
cisco pix_firewall_software 6.2(3.100)
securecomputing sidewinder 5.2.1
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 next_generation_fp0
novell imanager 2.0
sgi propack 2.4
forcepoint stonegate 1.5.17
hp hp-ux 11.11
cisco pix_firewall_software 6.0(1)
4d webstar 5.3.1
4d webstar 5.2.3
openssl openssl 0.9.6g
cisco webns 6.10
bluecoat cacheos_ca_sa 4.1.12
redhat linux 7.2
redhat openssl 0.9.6b-3
bluecoat proxysg *
redhat linux 7.3
dell bsafe_ssl-j 3.1
openssl openssl 0.9.6f
dell bsafe_ssl-j 3.0
cisco webns 7.2_0.0.03
4d webstar 4.0
apple mac_os_x_server 10.3.3
cisco access_registrar *
freebsd freebsd 4.9
novell edirectory 8.0
stonesoft stonebeat_fullcluster 1_3.0
cisco pix_firewall_software 6.1(5)
forcepoint stonegate 2.0.7
cisco pix_firewall_software 6.3
forcepoint stonegate 1.5.18
cisco pix_firewall_software 6.3(3.109)
avaya intuity_audix *
hp hp-ux 11.00
securecomputing sidewinder 5.2.1.02
avaya sg208 *
cisco webns 7.10
openssl openssl 0.9.6h
avaya vsu 10000_r2.0.1
forcepoint stonegate 2.0.9
openssl openssl 0.9.6k
forcepoint stonegate 2.0.1
openssl openssl 0.9.6d
forcepoint stonegate 2.0.5
securecomputing sidewinder 5.2.0.03
CVE-2004-0695 HIGH

Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
4d webstar 5.3.1
4d webstar 5.2.1
4d webstar 5.2.3
4d webstar 5.2
4d webstar 5.3
4d webstar 5.3.2
4d webstar 5.2.2
4d webstar 4.0
CVE-2004-0696 MEDIUM

The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
4d webstar 5.3.1
4d webstar 5.2.1
4d webstar 5.2.3
4d webstar 5.2
4d webstar 5.3
4d webstar 5.3.2
4d webstar 5.2.2
4d webstar 4.0
CVE-2004-0697 MEDIUM

Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
4d webstar 5.3.1
4d webstar 5.2.1
4d webstar 5.2.3
4d webstar 5.2
4d webstar 5.3
4d webstar 5.3.2
4d webstar 5.2.2
4d webstar 4.0
CVE-2004-0698 LOW

4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
4d webstar 5.3.1
4d webstar 5.2.1
4d webstar 5.2.3
4d webstar 5.2
4d webstar 5.3
4d webstar 5.3.2
4d webstar 5.2.2
4d webstar 4.0
CVE-2005-1507 MEDIUM

Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.4
4d webstar 5.3.3
CVE-2005-3143 MEDIUM

Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
4d webstar 5.2.4
4d webstar 5.2.1
4d webstar 5.3.3
4d webstar 5.2
4d webstar 5.1.3
4d webstar 5.3
4d webstar 5.1.2
4d webstar 5.3.2
4d webstar 5.3.1
4d webstar 5.2.3
4d webstar 5.2.2
4d webstar 5.3.4
CVE-2023-30222

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.

Products Affected

Vendor Product Version
4d server 18
4d server 17
4d server 19
CVE-2023-30223

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.

Products Affected

Vendor Product Version
4d server 18
4d server 17
4d server 19
CVE-2023-4770

An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9
cve-coordination@incibe.es 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H 0.6 5.9

Products Affected

Vendor Product Version
4d 4d 19
4d server 19