MidnightBSD

Advisories for securecomputing

CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
cisco content_services_switch_11500 *
cisco firewall_services_module 1.1.2
sco openserver 5.0.7
stonesoft stonegate 2.0.4
openssl openssl 0.9.6i
cisco pix_firewall_software 6.1(2)
avaya sg5 4.3
avaya sg203 4.4
cisco webns 7.1_0.2.06
avaya vsu 5x
sgi propack 2.3
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.0
stonesoft servercluster 2.5
cisco firewall_services_module 2.1_(0.208)
openssl openssl 0.9.6j
dell bsafe_ssl-j 3.1
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco css11000_content_services_switch *
cisco pix_firewall_software 6.2(1)
openssl openssl 0.9.6c
avaya s8700 r2.0.1
novell edirectory 8.5.27
stonesoft stonegate_vpn_client 2.0.7
lite speed_technologies_litespeed_web_server 1.0.3
cisco pix_firewall_software 6.3(1)
stonesoft stonegate 2.0.5
securecomputing sidewinder 5.2.0.01
stonesoft stonegate 2.0.1
hp hp-ux 11.11
stonesoft stonebeat_fullcluster 2.5
openbsd openbsd 3.3
stonesoft stonebeat_securitycluster 2.0
cisco pix_firewall_software 6.3(2)
cisco pix_firewall_software 6.1(1)
sco openserver 5.0.6
stonesoft stonegate 2.2
avaya sg208 *
stonesoft stonegate 2.0.8
avaya s8700 r2.0.0
avaya s8500 r2.0.1
hp wbem a.01.05.08
cisco pix_firewall_software 6.0(3)
vmware gsx_server 2.0.1_build_2129
4d webstar 5.2.2
avaya vsu 100_r2.0.1
stonesoft stonegate_vpn_client 2.0.9
redhat enterprise_linux_desktop 3.0
hp aaa_server *
stonesoft stonegate 2.0.6
neoteris instant_virtual_extranet 3.3.1
tarantella tarantella_enterprise 3.30
tarantella tarantella_enterprise 3.20
stonesoft stonegate 1.6.3
cisco pix_firewall_software 6.1(3)
vmware gsx_server 3.0_build_7592
securecomputing sidewinder 5.2.1
freebsd freebsd 4.8
avaya vsu 5
stonesoft stonegate 2.2.1
cisco access_registrar *
avaya converged_communications_server 2.0
4d webstar 5.2.3
avaya sg203 4.31.29
hp apache-based_web_server 2.0.43.04
dell bsafe_ssl-j 3.0.1
stonesoft stonebeat_securitycluster 2.5
4d webstar 5.2.1
cisco webns 7.10_.0.06s
novell edirectory 8.5
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco ios 12.2za
avaya vsu 500
hp apache-based_web_server 2.0.43.00
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.0
stonesoft stonegate 1.5.18
cisco firewall_services_module 1.1_(3.005)
stonesoft stonebeat_fullcluster 1_2.0
sgi propack 3.0
4d webstar 5.2.4
lite speed_technologies_litespeed_web_server 1.3_rc3
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonegate_vpn_client 1.7.2
bluecoat cacheos_ca_sa 4.1.12
lite speed_technologies_litespeed_web_server 1.0.1
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(11b)e12
hp wbem a.02.00.00
lite speed_technologies_litespeed_web_server 1.1
lite speed_technologies_litespeed_web_server 1.3_rc1
openssl openssl 0.9.6f
cisco pix_firewall_software 6.2(2)
neoteris instant_virtual_extranet 3.1
apple mac_os_x 10.3.3
cisco pix_firewall_software 6.1(5)
novell edirectory 8.7.1
stonesoft stonegate_vpn_client 2.0.8
securecomputing sidewinder 5.2.1.02
stonesoft stonegate 1.5.17
4d webstar 5.3.1
cisco gss_4490_global_site_selector *
securecomputing sidewinder 5.2
checkpoint provider-1 4.1
cisco okena_stormwatch 3.2
dell bsafe_ssl-j 3.0
cisco firewall_services_module *
checkpoint firewall-1 next_generation_fp0
hp hp-ux 11.00
redhat linux 7.2
hp wbem a.02.00.01
cisco pix_firewall 6.2.2_.111
cisco ios 12.1(11b)e14
freebsd freebsd 5.1
avaya sg5 4.2
neoteris instant_virtual_extranet 3.3
hp hp-ux 8.05
cisco webns 6.10
cisco pix_firewall_software 6.0(2)
bluecoat proxysg *
stonesoft stonegate 2.0.7
novell edirectory 8.5.12a
openssl openssl 0.9.6h
openssl openssl 0.9.7b
openbsd openbsd 3.4
stonesoft stonegate_vpn_client 2.0
cisco ios 12.1(11b)e
cisco ios 12.1(11)e
cisco pix_firewall_software 6.0(4)
freebsd freebsd 5.2
avaya intuity_audix s3210
4d webstar 5.2
checkpoint vpn-1 next_generation_fp2
avaya sg5 4.4
redhat openssl 0.9.6-15
cisco firewall_services_module 1.1.3
avaya intuity_audix s3400
cisco ios 12.2(14)sy
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.2(3)
stonesoft stonegate 1.7.2
stonesoft servercluster 2.5.2
cisco webns 7.10
lite speed_technologies_litespeed_web_server 1.0.2
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.0(4.101)
cisco ios 12.2(14)sy1
lite speed_technologies_litespeed_web_server 1.1.1
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.3(3.109)
redhat linux 7.3
cisco secure_content_accelerator 10000
cisco application_and_content_networking_software *
sgi propack 2.4
cisco threat_response *
redhat openssl 0.9.6b-3
sun crypto_accelerator_4000 1.0
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix 5.1.46
avaya vsu 10000_r2.0.1
checkpoint firewall-1 next_generation_fp2
apple mac_os_x_server 10.3.3
avaya vsu 2000_r2.0.1
stonesoft stonegate_vpn_client 1.7
novell edirectory 8.6.2
cisco call_manager *
openssl openssl 0.9.7a
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
novell edirectory 8.0
checkpoint firewall-1 *
openssl openssl 0.9.6d
openssl openssl 0.9.6e
freebsd freebsd 4.9
4d webstar 4.0
novell imanager 2.0
bluecoat cacheos_ca_sa 4.1.10
cisco ios 12.2sy
cisco ios 12.1(13)e9
redhat openssl 0.9.7a-2
novell imanager 1.5
openssl openssl 0.9.6k
lite speed_technologies_litespeed_web_server 1.2_rc2
avaya vsu 5000_r2.0.1
securecomputing sidewinder 5.2.0.04
cisco gss_4480_global_site_selector *
freebsd freebsd 5.2.1
stonesoft stonegate 2.1
cisco webns 7.1_0.1.02
lite speed_technologies_litespeed_web_server 1.2.1
avaya sg200 4.31.29
checkpoint vpn-1 next_generation_fp0
vmware gsx_server 2.5.1
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.3
cisco ios 12.1(19)e1
stonesoft stonebeat_fullcluster 1_3.0
cisco css_secure_content_accelerator 1.0
neoteris instant_virtual_extranet 3.2
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.3(3.102)
avaya sg208 4.4
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.2
avaya sg200 4.4
stonesoft stonegate 2.2.4
symantec clientless_vpn_gateway_4400 5.0
avaya s8300 r2.0.1
redhat linux 8.0
checkpoint firewall-1 next_generation_fp1
openssl openssl 0.9.7c
stonesoft stonegate 2.0.9
4d webstar 5.3
lite speed_technologies_litespeed_web_server 1.3
redhat enterprise_linux 3.0
openssl openssl 0.9.6g
novell edirectory 8.7
cisco ciscoworks_common_services 2.2
stonesoft stonebeat_webcluster 2.5
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft stonegate 1.6.2
stonesoft stonegate 1.7
vmware gsx_server 2.5.1_build_5336
cisco pix_firewall_software 6.0
lite speed_technologies_litespeed_web_server 1.2_rc1
hp hp-ux 11.23
tarantella tarantella_enterprise 3.40
securecomputing sidewinder 5.2.0.03
cisco css_secure_content_accelerator 2.0
openssl openssl 0.9.7
avaya s8300 r2.0.0
cisco webns 6.10_b4
avaya intuity_audix *
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
cisco content_services_switch_11500 *
cisco firewall_services_module 1.1.2
sco openserver 5.0.7
stonesoft stonegate 2.0.4
openssl openssl 0.9.6i
cisco pix_firewall_software 6.1(2)
avaya sg5 4.3
avaya sg203 4.4
cisco webns 7.1_0.2.06
avaya vsu 5x
sgi propack 2.3
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.0
stonesoft servercluster 2.5
cisco firewall_services_module 2.1_(0.208)
openssl openssl 0.9.6j
dell bsafe_ssl-j 3.1
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco css11000_content_services_switch *
cisco pix_firewall_software 6.2(1)
openssl openssl 0.9.6c
avaya s8700 r2.0.1
novell edirectory 8.5.27
stonesoft stonegate_vpn_client 2.0.7
lite speed_technologies_litespeed_web_server 1.0.3
cisco pix_firewall_software 6.3(1)
stonesoft stonegate 2.0.5
securecomputing sidewinder 5.2.0.01
stonesoft stonegate 2.0.1
hp hp-ux 11.11
stonesoft stonebeat_fullcluster 2.5
openbsd openbsd 3.3
stonesoft stonebeat_securitycluster 2.0
cisco pix_firewall_software 6.3(2)
cisco pix_firewall_software 6.1(1)
sco openserver 5.0.6
stonesoft stonegate 2.2
avaya sg208 *
stonesoft stonegate 2.0.8
avaya s8700 r2.0.0
avaya s8500 r2.0.1
hp wbem a.01.05.08
cisco pix_firewall_software 6.0(3)
vmware gsx_server 2.0.1_build_2129
4d webstar 5.2.2
avaya vsu 100_r2.0.1
stonesoft stonegate_vpn_client 2.0.9
redhat enterprise_linux_desktop 3.0
hp aaa_server *
stonesoft stonegate 2.0.6
neoteris instant_virtual_extranet 3.3.1
tarantella tarantella_enterprise 3.30
tarantella tarantella_enterprise 3.20
stonesoft stonegate 1.6.3
cisco pix_firewall_software 6.1(3)
vmware gsx_server 3.0_build_7592
securecomputing sidewinder 5.2.1
freebsd freebsd 4.8
avaya vsu 5
stonesoft stonegate 2.2.1
cisco access_registrar *
avaya converged_communications_server 2.0
4d webstar 5.2.3
avaya sg203 4.31.29
hp apache-based_web_server 2.0.43.04
dell bsafe_ssl-j 3.0.1
stonesoft stonebeat_securitycluster 2.5
4d webstar 5.2.1
cisco webns 7.10_.0.06s
novell edirectory 8.5
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco ios 12.2za
avaya vsu 500
hp apache-based_web_server 2.0.43.00
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.0
stonesoft stonegate 1.5.18
cisco firewall_services_module 1.1_(3.005)
stonesoft stonebeat_fullcluster 1_2.0
sgi propack 3.0
4d webstar 5.2.4
lite speed_technologies_litespeed_web_server 1.3_rc3
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonegate_vpn_client 1.7.2
bluecoat cacheos_ca_sa 4.1.12
lite speed_technologies_litespeed_web_server 1.0.1
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(11b)e12
hp wbem a.02.00.00
lite speed_technologies_litespeed_web_server 1.1
lite speed_technologies_litespeed_web_server 1.3_rc1
openssl openssl 0.9.6f
cisco pix_firewall_software 6.2(2)
neoteris instant_virtual_extranet 3.1
apple mac_os_x 10.3.3
cisco pix_firewall_software 6.1(5)
novell edirectory 8.7.1
stonesoft stonegate_vpn_client 2.0.8
securecomputing sidewinder 5.2.1.02
stonesoft stonegate 1.5.17
checkpoint vpn-1 next_generation
4d webstar 5.3.1
cisco gss_4490_global_site_selector *
securecomputing sidewinder 5.2
checkpoint provider-1 4.1
cisco okena_stormwatch 3.2
dell bsafe_ssl-j 3.0
cisco firewall_services_module *
checkpoint firewall-1 next_generation_fp0
hp hp-ux 11.00
redhat linux 7.2
hp wbem a.02.00.01
cisco pix_firewall 6.2.2_.111
cisco ios 12.1(11b)e14
freebsd freebsd 5.1
avaya sg5 4.2
neoteris instant_virtual_extranet 3.3
hp hp-ux 8.05
cisco webns 6.10
cisco pix_firewall_software 6.0(2)
bluecoat proxysg *
stonesoft stonegate 2.0.7
novell edirectory 8.5.12a
openssl openssl 0.9.6h
openssl openssl 0.9.7b
openbsd openbsd 3.4
stonesoft stonegate_vpn_client 2.0
cisco ios 12.1(11b)e
cisco ios 12.1(11)e
cisco pix_firewall_software 6.0(4)
freebsd freebsd 5.2
avaya intuity_audix s3210
4d webstar 5.2
avaya sg5 4.4
redhat openssl 0.9.6-15
cisco firewall_services_module 1.1.3
avaya intuity_audix s3400
cisco ios 12.2(14)sy
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.2(3)
stonesoft stonegate 1.7.2
stonesoft servercluster 2.5.2
cisco webns 7.10
lite speed_technologies_litespeed_web_server 1.0.2
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.0(4.101)
cisco ios 12.2(14)sy1
lite speed_technologies_litespeed_web_server 1.1.1
stonesoft stonegate 1.7.1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.3(3.109)
redhat linux 7.3
cisco secure_content_accelerator 10000
cisco application_and_content_networking_software *
sgi propack 2.4
cisco threat_response *
redhat openssl 0.9.6b-3
sun crypto_accelerator_4000 1.0
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix 5.1.46
avaya vsu 10000_r2.0.1
checkpoint firewall-1 next_generation_fp2
apple mac_os_x_server 10.3.3
avaya vsu 2000_r2.0.1
stonesoft stonegate_vpn_client 1.7
novell edirectory 8.6.2
cisco call_manager *
openssl openssl 0.9.7a
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
novell edirectory 8.0
checkpoint firewall-1 *
openssl openssl 0.9.6d
openssl openssl 0.9.6e
freebsd freebsd 4.9
4d webstar 4.0
novell imanager 2.0
bluecoat cacheos_ca_sa 4.1.10
cisco ios 12.2sy
cisco ios 12.1(13)e9
redhat openssl 0.9.7a-2
novell imanager 1.5
openssl openssl 0.9.6k
lite speed_technologies_litespeed_web_server 1.2_rc2
avaya vsu 5000_r2.0.1
securecomputing sidewinder 5.2.0.04
cisco gss_4480_global_site_selector *
freebsd freebsd 5.2.1
stonesoft stonegate 2.1
cisco webns 7.1_0.1.02
lite speed_technologies_litespeed_web_server 1.2.1
avaya sg200 4.31.29
checkpoint vpn-1 next_generation_fp0
vmware gsx_server 2.5.1
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.3
cisco ios 12.1(19)e1
stonesoft stonebeat_fullcluster 1_3.0
cisco css_secure_content_accelerator 1.0
neoteris instant_virtual_extranet 3.2
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.3(3.102)
avaya sg208 4.4
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.2
avaya sg200 4.4
stonesoft stonegate 2.2.4
symantec clientless_vpn_gateway_4400 5.0
avaya s8300 r2.0.1
redhat linux 8.0
checkpoint firewall-1 next_generation_fp1
openssl openssl 0.9.7c
stonesoft stonegate 2.0.9
4d webstar 5.3
lite speed_technologies_litespeed_web_server 1.3
redhat enterprise_linux 3.0
openssl openssl 0.9.6g
novell edirectory 8.7
cisco ciscoworks_common_services 2.2
stonesoft stonebeat_webcluster 2.5
lite speed_technologies_litespeed_web_server 1.3.1
stonesoft stonegate 1.6.2
stonesoft stonegate 1.7
vmware gsx_server 2.5.1_build_5336
cisco pix_firewall_software 6.0
lite speed_technologies_litespeed_web_server 1.2_rc1
hp hp-ux 11.23
tarantella tarantella_enterprise 3.40
securecomputing sidewinder 5.2.0.03
cisco css_secure_content_accelerator 2.0
openssl openssl 0.9.7
avaya s8300 r2.0.0
cisco webns 6.10_b4
avaya intuity_audix *
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
cisco content_services_switch_11500 *
cisco firewall_services_module 1.1.2
sco openserver 5.0.7
forcepoint stonegate 2.2.1
openssl openssl 0.9.6i
cisco pix_firewall_software 6.1(2)
avaya sg5 4.3
avaya sg203 4.4
cisco webns 7.1_0.2.06
avaya vsu 5x
sgi propack 2.3
cisco pix_firewall_software 6.0(1)
cisco pix_firewall_software 6.1(4)
vmware gsx_server 2.0
stonesoft servercluster 2.5
cisco firewall_services_module 2.1_(0.208)
openssl openssl 0.9.6j
dell bsafe_ssl-j 3.1
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco css11000_content_services_switch *
cisco pix_firewall_software 6.2(1)
openssl openssl 0.9.6c
avaya s8700 r2.0.1
novell edirectory 8.5.27
cisco pix_firewall_software 6.3(1)
securecomputing sidewinder 5.2.0.01
hp hp-ux 11.11
stonesoft stonebeat_fullcluster 2.5
openbsd openbsd 3.3
stonesoft stonebeat_securitycluster 2.0
cisco pix_firewall_software 6.3(2)
cisco pix_firewall_software 6.1(1)
sco openserver 5.0.6
avaya sg208 *
litespeedtech litespeed_web_server 1.0.1
avaya s8700 r2.0.0
avaya s8500 r2.0.1
hp wbem a.01.05.08
cisco pix_firewall_software 6.0(3)
vmware gsx_server 2.0.1_build_2129
4d webstar 5.2.2
avaya vsu 100_r2.0.1
redhat enterprise_linux_desktop 3.0
hp aaa_server *
neoteris instant_virtual_extranet 3.3.1
forcepoint stonegate 2.2.4
tarantella tarantella_enterprise 3.30
tarantella tarantella_enterprise 3.20
cisco pix_firewall_software 6.1(3)
vmware gsx_server 3.0_build_7592
forcepoint stonegate 1.5.17
securecomputing sidewinder 5.2.1
freebsd freebsd 4.8
avaya vsu 5
cisco access_registrar *
avaya converged_communications_server 2.0
4d webstar 5.2.3
avaya sg203 4.31.29
hp apache-based_web_server 2.0.43.04
dell bsafe_ssl-j 3.0.1
stonesoft stonebeat_securitycluster 2.5
4d webstar 5.2.1
cisco webns 7.10_.0.06s
novell edirectory 8.5
cisco ios 12.2za
avaya vsu 500
hp apache-based_web_server 2.0.43.00
avaya s8500 r2.0.0
stonesoft stonebeat_webcluster 2.0
forcepoint stonegate 2.0.5
cisco firewall_services_module 1.1_(3.005)
stonesoft stonebeat_fullcluster 1_2.0
sgi propack 3.0
4d webstar 5.2.4
forcepoint stonegate 2.1
forcepoint stonegate 2.0.8
bluecoat cacheos_ca_sa 4.1.12
forcepoint stonegate 1.6.2
neoteris instant_virtual_extranet 3.0
cisco ios 12.1(11b)e12
hp wbem a.02.00.00
openssl openssl 0.9.6f
cisco pix_firewall_software 6.2(2)
neoteris instant_virtual_extranet 3.1
apple mac_os_x 10.3.3
cisco pix_firewall_software 6.1(5)
novell edirectory 8.7.1
securecomputing sidewinder 5.2.1.02
4d webstar 5.3.1
cisco gss_4490_global_site_selector *
securecomputing sidewinder 5.2
checkpoint provider-1 4.1
cisco okena_stormwatch 3.2
dell bsafe_ssl-j 3.0
cisco firewall_services_module *
checkpoint firewall-1 next_generation_fp0
forcepoint stonegate 2.0.4
hp hp-ux 11.00
redhat linux 7.2
hp wbem a.02.00.01
cisco pix_firewall 6.2.2_.111
cisco ios 12.1(11b)e14
freebsd freebsd 5.1
avaya sg5 4.2
neoteris instant_virtual_extranet 3.3
forcepoint stonegate 1.6.3
hp hp-ux 8.05
cisco webns 6.10
cisco pix_firewall_software 6.0(2)
forcepoint stonegate 2.0.1
bluecoat proxysg *
novell edirectory 8.5.12a
openssl openssl 0.9.6h
openssl openssl 0.9.7b
openbsd openbsd 3.4
cisco ios 12.1(11b)e
cisco ios 12.1(11)e
cisco pix_firewall_software 6.0(4)
freebsd freebsd 5.2
forcepoint stonegate 1.7.2
avaya intuity_audix s3210
forcepoint stonegate 2.0.7
4d webstar 5.2
checkpoint vpn-1 next_generation_fp2
avaya sg5 4.4
redhat openssl 0.9.6-15
forcepoint stonegate 2.0.6
cisco firewall_services_module 1.1.3
avaya intuity_audix s3400
cisco ios 12.2(14)sy
checkpoint vpn-1 next_generation_fp1
cisco pix_firewall_software 6.2(3.100)
cisco pix_firewall_software 6.2(3)
stonesoft servercluster 2.5.2
cisco webns 7.10
stonesoft stonebeat_fullcluster 3.0
cisco pix_firewall_software 6.0(4.101)
cisco ios 12.2(14)sy1
securecomputing sidewinder 5.2.0.02
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.3(3.109)
redhat linux 7.3
cisco secure_content_accelerator 10000
cisco application_and_content_networking_software *
sgi propack 2.4
cisco threat_response *
redhat openssl 0.9.6b-3
sun crypto_accelerator_4000 1.0
stonesoft stonebeat_fullcluster 2.0
avaya intuity_audix 5.1.46
avaya vsu 10000_r2.0.1
checkpoint firewall-1 next_generation_fp2
apple mac_os_x_server 10.3.3
avaya vsu 2000_r2.0.1
novell edirectory 8.6.2
cisco call_manager *
openssl openssl 0.9.7a
cisco mds_9000 *
cisco ciscoworks_common_management_foundation 2.1
novell edirectory 8.0
checkpoint firewall-1 *
openssl openssl 0.9.6d
openssl openssl 0.9.6e
freebsd freebsd 4.9
4d webstar 4.0
novell imanager 2.0
bluecoat cacheos_ca_sa 4.1.10
forcepoint stonegate 2.0.9
cisco ios 12.2sy
cisco ios 12.1(13)e9
redhat openssl 0.9.7a-2
novell imanager 1.5
openssl openssl 0.9.6k
avaya vsu 5000_r2.0.1
securecomputing sidewinder 5.2.0.04
cisco gss_4480_global_site_selector *
freebsd freebsd 5.2.1
cisco webns 7.1_0.1.02
avaya sg200 4.31.29
checkpoint vpn-1 next_generation_fp0
vmware gsx_server 2.5.1
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.3
cisco ios 12.1(19)e1
stonesoft stonebeat_fullcluster 1_3.0
forcepoint stonegate 2.2
cisco css_secure_content_accelerator 1.0
neoteris instant_virtual_extranet 3.2
forcepoint stonegate 1.7.1
checkpoint firewall-1 2.0
cisco pix_firewall_software 6.3(3.102)
avaya sg208 4.4
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.2
avaya sg200 4.4
symantec clientless_vpn_gateway_4400 5.0
avaya s8300 r2.0.1
redhat linux 8.0
checkpoint firewall-1 next_generation_fp1
openssl openssl 0.9.7c
forcepoint stonegate 1.7
4d webstar 5.3
redhat enterprise_linux 3.0
openssl openssl 0.9.6g
novell edirectory 8.7
cisco ciscoworks_common_services 2.2
stonesoft stonebeat_webcluster 2.5
vmware gsx_server 2.5.1_build_5336
cisco pix_firewall_software 6.0
forcepoint stonegate 1.5.18
hp hp-ux 11.23
tarantella tarantella_enterprise 3.40
securecomputing sidewinder 5.2.0.03
cisco css_secure_content_accelerator 2.0
openssl openssl 0.9.7
avaya s8300 r2.0.0
cisco webns 6.10_b4
avaya intuity_audix *
CVE-2004-1970 HIGH

Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing smartether_ss6215s_switch *
CVE-2004-2399 MEDIUM

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (CPU consumption) via delayed responses to DNS queries.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing sidewinder_g2 6.1.0.01
CVE-2004-2543 MEDIUM

Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing sidewinder_g2 6.1.0.01
CVE-2004-2544 LOW

Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing sidewinder_g2 6.1.0.01
CVE-2004-2545 MEDIUM

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (SMTP proxy failure) via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing sidewinder_g2 6.1.0.01
CVE-2005-0864 MEDIUM

The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows remote attackers to read arbitrary files via a full pathname in the HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing samsung_adsl_modem smdk8947v1.2
CVE-2005-0865 HIGH

Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing samsung_adsl_modem smdk8947v1.2
CVE-2006-4613 HIGH

Multiple unspecified vulnerabilities in SnapGear before 3.1.4u1 allow remote attackers to cause a denial of service via unspecified vectors involving (1) IPSec replay windows and (2) the use of vulnerable versions of ClamAV before 0.88.4. NOTE: it is possible that vector 2 is related to CVE-2006-4018.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
securecomputing snapgear_sg580 *
securecomputing snapgear_sg710 *
securecomputing snapgear_sg565 *
securecomputing snapgear_sg560 *
CVE-2020-36908

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
disclosure@vulncheck.com 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

Products Affected

Vendor Product Version
securecomputing snapgear_sg560_firmware 3.1.5
CVE-2020-36909

SnapGear Management Console SG560 3.1.5 contains a file manipulation vulnerability that allows authenticated users to read, write, and delete files using the edit_config_files CGI script. Attackers can manipulate POST request parameters in /cgi-bin/cgix/edit_config_files to access and modify files outside the intended /etc/config/ directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
disclosure@vulncheck.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
securecomputing snapgear_sg560_firmware 3.1.5