MidnightBSD

Advisories for navision

CVE-2001-0392 MEDIUM

Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
navision financials_server *
navision financials_server 2.50
CVE-2001-0393 MEDIUM

Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
navision financials_server 2.0
CVE-2008-1147 MEDIUM

A certain pseudo-random number generator (PRNG) algorithm that uses XOR and 2-bit random hops (aka "Algorithm X2"), as used in OpenBSD 2.6 through 3.4, Mac OS X 10 through 10.5.1, FreeBSD 4.4 through 7.0, and DragonFlyBSD 1.0 through 1.10.1, allows remote attackers to guess sensitive values such as IP fragmentation IDs by observing a sequence of previously generated values. NOTE: this issue can be leveraged for attacks such as injection into TCP packets and OS fingerprinting.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
darwin darwin 9.1
cosmicperl directory_pro 10.0.3
darwin darwin 1.0
navision financials_server 3.0