MidnightBSD

Advisories for tarantella

CVE-2001-0805 MEDIUM

Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tarantella tarantella_enterprise 3.0
tarantella tarantella_enterprise 3.01
CVE-2002-0203 MEDIUM

ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows remote attackers to view directory contents via an empty pg parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tarantella tarantella_enterprise 3.0
tarantella tarantella_enterprise 3.10
tarantella tarantella_enterprise 3.20
CVE-2002-0211 MEDIUM

Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tarantella tarantella_enterprise 3.3.0.1
tarantella tarantella_enterprise 3.3.10
tarantella tarantella_enterprise 3.3.0
tarantella tarantella_enterprise 3.3.11
tarantella tarantella_enterprise 3.3.20
CVE-2002-0296 LOW

The installation of Tarantella Enterprise 3 allows local users to overwrite arbitrary files via a symlink attack on the "spinning" temporary file.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tarantella tarantella_enterprise 3.0
tarantella tarantella_enterprise 3.10
tarantella tarantella_enterprise 3.01
tarantella tarantella_enterprise 3.20
tarantella tarantella_enterprise 3.11
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
symantec clientless_vpn_gateway_4400 5.0
neoteris instant_virtual_extranet 3.3.1
neoteris instant_virtual_extranet 3.3
hp hp-ux 11.11
cisco css_secure_content_accelerator 1.0
cisco gss_4480_global_site_selector *
openssl openssl 0.9.6h
stonesoft stonebeat_fullcluster 2.5
bluecoat cacheos_ca_sa 4.1.10
avaya vsu 500
novell edirectory 8.5.27
cisco css11000_content_services_switch *
sgi propack 2.4
cisco pix_firewall_software 6.3(2)
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
4d webstar 5.2
stonesoft stonegate 2.1
cisco pix_firewall_software 6.0(2)
tarantella tarantella_enterprise 3.30
stonesoft stonegate 2.0.8
vmware gsx_server 2.5.1_build_5336
vmware gsx_server 3.0_build_7592
stonesoft stonegate 1.6.3
avaya s8300 r2.0.1
stonesoft stonebeat_fullcluster 1_3.0
redhat openssl 0.9.7a-2
avaya vsu 5
securecomputing sidewinder 5.2.1.02
stonesoft stonegate 1.5.18
lite speed_technologies_litespeed_web_server 1.3
avaya intuity_audix s3400
cisco okena_stormwatch 3.2
cisco webns 7.1_0.1.02
stonesoft stonegate 2.0.1
cisco secure_content_accelerator 10000
novell imanager 1.5
cisco mds_9000 *
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3210
stonesoft servercluster 2.5.2
openssl openssl 0.9.6c
avaya sg200 4.31.29
4d webstar 5.2.3
avaya intuity_audix 5.1.46
checkpoint provider-1 4.1
hp wbem a.02.00.00
novell edirectory 8.6.2
cisco ios 12.2za
bluecoat cacheos_ca_sa 4.1.12
sco openserver 5.0.6
securecomputing sidewinder 5.2.0.04
cisco firewall_services_module 1.1.3
cisco ios 12.1(19)e1
cisco pix_firewall_software 6.0(1)
cisco firewall_services_module *
stonesoft stonegate 2.0.9
cisco pix_firewall_software 6.3
redhat enterprise_linux 3.0
dell bsafe_ssl-j 3.0
4d webstar 5.2.1
cisco pix_firewall_software 6.2
cisco pix_firewall_software 6.2(2)
4d webstar 5.2.4
cisco threat_response *
vmware gsx_server 2.5.1
stonesoft stonegate_vpn_client 1.7.2
avaya sg208 *
novell edirectory 8.7.1
cisco pix_firewall_software 6.3(1)
sco openserver 5.0.7
freebsd freebsd 4.9
stonesoft stonebeat_webcluster 2.5
sun crypto_accelerator_4000 1.0
novell edirectory 8.5
openssl openssl 0.9.6e
openbsd openbsd 3.4
openssl openssl 0.9.7c
avaya vsu 7500_r2.0.1
checkpoint vpn-1 next_generation_fp1
openssl openssl 0.9.6j
stonesoft stonegate_vpn_client 2.0.7
cisco webns 7.10
vmware gsx_server 2.0.1_build_2129
hp wbem a.02.00.01
hp wbem a.01.05.08
avaya converged_communications_server 2.0
cisco webns 7.1_0.2.06
checkpoint firewall-1 next_generation_fp0
stonesoft stonegate 1.5.17
cisco webns 7.10_.0.06s
stonesoft stonegate_vpn_client 2.0.9
cisco pix_firewall_software 6.1(1)
avaya s8300 r2.0.0
dell bsafe_ssl-j 3.0.1
lite speed_technologies_litespeed_web_server 1.2_rc1
avaya sg5 4.3
cisco ciscoworks_common_services 2.2
tarantella tarantella_enterprise 3.20
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.0(4.101)
cisco pix_firewall_software 6.2(3.100)
cisco css_secure_content_accelerator 2.0
redhat openssl 0.9.6-15
freebsd freebsd 5.2
cisco ios 12.2(14)sy1
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.3(3.102)
avaya sg5 4.2
openssl openssl 0.9.6d
novell edirectory 8.5.12a
stonesoft stonebeat_securitycluster 2.0
sgi propack 3.0
stonesoft stonebeat_fullcluster 1_2.0
avaya sg208 4.4
cisco pix_firewall 6.2.2_.111
hp hp-ux 8.05
cisco application_and_content_networking_software *
cisco ios 12.2sy
novell edirectory 8.0
stonesoft stonegate_vpn_client 1.7
openssl openssl 0.9.6f
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco webns 6.10_b4
cisco pix_firewall_software 6.1(2)
stonesoft stonegate 1.7.2
cisco ios 12.1(11)e
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
avaya sg5 4.4
4d webstar 5.2.2
cisco ios 12.1(11b)e
lite speed_technologies_litespeed_web_server 1.3_rc1
lite speed_technologies_litespeed_web_server 1.2.1
redhat linux 7.2
checkpoint firewall-1 *
avaya s8700 r2.0.1
stonesoft stonegate 1.7.1
cisco ios 12.1(13)e9
hp hp-ux 11.00
stonesoft stonegate 1.6.2
redhat openssl 0.9.6b-3
cisco pix_firewall_software 6.1(3)
cisco webns 6.10
sgi propack 2.3
cisco firewall_services_module 1.1_(3.005)
checkpoint firewall-1 2.0
4d webstar 5.3.1
cisco ios 12.1(11b)e12
apple mac_os_x 10.3.3
securecomputing sidewinder 5.2.0.02
lite speed_technologies_litespeed_web_server 1.3.1
hp aaa_server *
avaya sg203 4.31.29
lite speed_technologies_litespeed_web_server 1.0.1
neoteris instant_virtual_extranet 3.1
novell edirectory 8.7
avaya vsu 10000_r2.0.1
cisco pix_firewall_software 6.1
4d webstar 4.0
securecomputing sidewinder 5.2.1
stonesoft stonegate 2.0.6
neoteris instant_virtual_extranet 3.2
stonesoft stonebeat_webcluster 2.0
cisco ios 12.1(11b)e14
cisco pix_firewall_software 6.2(3)
lite speed_technologies_litespeed_web_server 1.1.1
lite speed_technologies_litespeed_web_server 1.0.2
avaya vsu 5x
stonesoft stonegate 2.0.4
hp apache-based_web_server 2.0.43.04
tarantella tarantella_enterprise 3.40
openssl openssl 0.9.6g
openssl openssl 0.9.6i
hp apache-based_web_server 2.0.43.00
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco firewall_services_module 1.1.2
stonesoft stonegate 2.0.5
freebsd freebsd 5.1
avaya vsu 5000_r2.0.1
cisco gss_4490_global_site_selector *
bluecoat proxysg *
avaya intuity_audix *
stonesoft stonegate_vpn_client 2.0.8
cisco pix_firewall_software 6.1(4)
cisco pix_firewall_software 6.0
cisco firewall_services_module 2.1_(0.208)
securecomputing sidewinder 5.2.0.03
checkpoint vpn-1 next_generation_fp2
stonesoft stonegate 1.7
cisco pix_firewall_software 6.1(5)
cisco access_registrar *
freebsd freebsd 4.8
stonesoft stonegate 2.2.1
stonesoft stonegate_vpn_client 2.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.2_rc2
vmware gsx_server 2.0
stonesoft stonebeat_fullcluster 3.0
openssl openssl 0.9.7
dell bsafe_ssl-j 3.1
openssl openssl 0.9.7a
lite speed_technologies_litespeed_web_server 1.0.3
freebsd freebsd 5.2.1
redhat linux 8.0
redhat enterprise_linux_desktop 3.0
cisco ciscoworks_common_management_foundation 2.1
checkpoint firewall-1 next_generation_fp1
cisco pix_firewall_software 6.0(3)
4d webstar 5.3
securecomputing sidewinder 5.2.0.01
checkpoint vpn-1 next_generation_fp0
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonebeat_fullcluster 2.0
stonesoft stonegate 2.2.4
cisco call_manager *
apple mac_os_x_server 10.3.3
avaya vsu 100_r2.0.1
stonesoft stonegate 2.0.7
openbsd openbsd 3.3
securecomputing sidewinder 5.2
openssl openssl 0.9.7b
avaya sg203 4.4
openssl openssl 0.9.6k
novell imanager 2.0
lite speed_technologies_litespeed_web_server 1.1
avaya sg200 4.4
cisco pix_firewall_software 6.2(1)
cisco pix_firewall_software 6.3(3.109)
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco content_services_switch_11500 *
avaya s8500 r2.0.1
avaya vsu 2000_r2.0.1
avaya s8500 r2.0.0
hp hp-ux 11.23
stonesoft stonegate 2.2
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
symantec clientless_vpn_gateway_4400 5.0
neoteris instant_virtual_extranet 3.3.1
neoteris instant_virtual_extranet 3.3
hp hp-ux 11.11
cisco css_secure_content_accelerator 1.0
cisco gss_4480_global_site_selector *
openssl openssl 0.9.6h
stonesoft stonebeat_fullcluster 2.5
bluecoat cacheos_ca_sa 4.1.10
avaya vsu 500
novell edirectory 8.5.27
cisco css11000_content_services_switch *
sgi propack 2.4
cisco pix_firewall_software 6.3(2)
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
4d webstar 5.2
stonesoft stonegate 2.1
cisco pix_firewall_software 6.0(2)
tarantella tarantella_enterprise 3.30
stonesoft stonegate 2.0.8
vmware gsx_server 2.5.1_build_5336
vmware gsx_server 3.0_build_7592
stonesoft stonegate 1.6.3
avaya s8300 r2.0.1
stonesoft stonebeat_fullcluster 1_3.0
redhat openssl 0.9.7a-2
avaya vsu 5
securecomputing sidewinder 5.2.1.02
stonesoft stonegate 1.5.18
lite speed_technologies_litespeed_web_server 1.3
avaya intuity_audix s3400
cisco okena_stormwatch 3.2
cisco webns 7.1_0.1.02
stonesoft stonegate 2.0.1
cisco secure_content_accelerator 10000
novell imanager 1.5
cisco mds_9000 *
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3210
stonesoft servercluster 2.5.2
openssl openssl 0.9.6c
avaya sg200 4.31.29
4d webstar 5.2.3
avaya intuity_audix 5.1.46
checkpoint provider-1 4.1
hp wbem a.02.00.00
novell edirectory 8.6.2
cisco ios 12.2za
bluecoat cacheos_ca_sa 4.1.12
sco openserver 5.0.6
securecomputing sidewinder 5.2.0.04
cisco firewall_services_module 1.1.3
cisco ios 12.1(19)e1
cisco pix_firewall_software 6.0(1)
cisco firewall_services_module *
stonesoft stonegate 2.0.9
cisco pix_firewall_software 6.3
redhat enterprise_linux 3.0
dell bsafe_ssl-j 3.0
4d webstar 5.2.1
cisco pix_firewall_software 6.2
cisco pix_firewall_software 6.2(2)
4d webstar 5.2.4
cisco threat_response *
vmware gsx_server 2.5.1
stonesoft stonegate_vpn_client 1.7.2
avaya sg208 *
novell edirectory 8.7.1
cisco pix_firewall_software 6.3(1)
sco openserver 5.0.7
freebsd freebsd 4.9
stonesoft stonebeat_webcluster 2.5
sun crypto_accelerator_4000 1.0
novell edirectory 8.5
openssl openssl 0.9.6e
openbsd openbsd 3.4
openssl openssl 0.9.7c
avaya vsu 7500_r2.0.1
checkpoint vpn-1 next_generation_fp1
openssl openssl 0.9.6j
stonesoft stonegate_vpn_client 2.0.7
cisco webns 7.10
vmware gsx_server 2.0.1_build_2129
hp wbem a.02.00.01
hp wbem a.01.05.08
avaya converged_communications_server 2.0
cisco webns 7.1_0.2.06
checkpoint firewall-1 next_generation_fp0
stonesoft stonegate 1.5.17
cisco webns 7.10_.0.06s
stonesoft stonegate_vpn_client 2.0.9
cisco pix_firewall_software 6.1(1)
avaya s8300 r2.0.0
dell bsafe_ssl-j 3.0.1
lite speed_technologies_litespeed_web_server 1.2_rc1
avaya sg5 4.3
cisco ciscoworks_common_services 2.2
tarantella tarantella_enterprise 3.20
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.0(4.101)
cisco pix_firewall_software 6.2(3.100)
cisco css_secure_content_accelerator 2.0
redhat openssl 0.9.6-15
freebsd freebsd 5.2
cisco ios 12.2(14)sy1
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.3(3.102)
avaya sg5 4.2
openssl openssl 0.9.6d
novell edirectory 8.5.12a
stonesoft stonebeat_securitycluster 2.0
sgi propack 3.0
stonesoft stonebeat_fullcluster 1_2.0
avaya sg208 4.4
cisco pix_firewall 6.2.2_.111
hp hp-ux 8.05
cisco application_and_content_networking_software *
cisco ios 12.2sy
novell edirectory 8.0
stonesoft stonegate_vpn_client 1.7
openssl openssl 0.9.6f
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco webns 6.10_b4
cisco pix_firewall_software 6.1(2)
stonesoft stonegate 1.7.2
cisco ios 12.1(11)e
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
checkpoint vpn-1 next_generation
avaya sg5 4.4
4d webstar 5.2.2
cisco ios 12.1(11b)e
lite speed_technologies_litespeed_web_server 1.3_rc1
lite speed_technologies_litespeed_web_server 1.2.1
redhat linux 7.2
checkpoint firewall-1 *
avaya s8700 r2.0.1
stonesoft stonegate 1.7.1
cisco ios 12.1(13)e9
hp hp-ux 11.00
stonesoft stonegate 1.6.2
redhat openssl 0.9.6b-3
cisco pix_firewall_software 6.1(3)
cisco webns 6.10
sgi propack 2.3
cisco firewall_services_module 1.1_(3.005)
checkpoint firewall-1 2.0
4d webstar 5.3.1
cisco ios 12.1(11b)e12
apple mac_os_x 10.3.3
securecomputing sidewinder 5.2.0.02
lite speed_technologies_litespeed_web_server 1.3.1
hp aaa_server *
avaya sg203 4.31.29
lite speed_technologies_litespeed_web_server 1.0.1
neoteris instant_virtual_extranet 3.1
novell edirectory 8.7
avaya vsu 10000_r2.0.1
cisco pix_firewall_software 6.1
4d webstar 4.0
securecomputing sidewinder 5.2.1
stonesoft stonegate 2.0.6
neoteris instant_virtual_extranet 3.2
stonesoft stonebeat_webcluster 2.0
cisco ios 12.1(11b)e14
cisco pix_firewall_software 6.2(3)
lite speed_technologies_litespeed_web_server 1.1.1
lite speed_technologies_litespeed_web_server 1.0.2
avaya vsu 5x
stonesoft stonegate 2.0.4
hp apache-based_web_server 2.0.43.04
tarantella tarantella_enterprise 3.40
openssl openssl 0.9.6g
openssl openssl 0.9.6i
hp apache-based_web_server 2.0.43.00
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco firewall_services_module 1.1.2
stonesoft stonegate 2.0.5
freebsd freebsd 5.1
avaya vsu 5000_r2.0.1
cisco gss_4490_global_site_selector *
bluecoat proxysg *
avaya intuity_audix *
stonesoft stonegate_vpn_client 2.0.8
cisco pix_firewall_software 6.1(4)
cisco pix_firewall_software 6.0
cisco firewall_services_module 2.1_(0.208)
securecomputing sidewinder 5.2.0.03
stonesoft stonegate 1.7
cisco pix_firewall_software 6.1(5)
cisco access_registrar *
freebsd freebsd 4.8
stonesoft stonegate 2.2.1
stonesoft stonegate_vpn_client 2.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.2_rc2
vmware gsx_server 2.0
stonesoft stonebeat_fullcluster 3.0
openssl openssl 0.9.7
dell bsafe_ssl-j 3.1
openssl openssl 0.9.7a
lite speed_technologies_litespeed_web_server 1.0.3
freebsd freebsd 5.2.1
redhat linux 8.0
redhat enterprise_linux_desktop 3.0
cisco ciscoworks_common_management_foundation 2.1
checkpoint firewall-1 next_generation_fp1
cisco pix_firewall_software 6.0(3)
4d webstar 5.3
securecomputing sidewinder 5.2.0.01
checkpoint vpn-1 next_generation_fp0
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.2.2
stonesoft stonebeat_fullcluster 2.0
stonesoft stonegate 2.2.4
cisco call_manager *
apple mac_os_x_server 10.3.3
avaya vsu 100_r2.0.1
stonesoft stonegate 2.0.7
openbsd openbsd 3.3
securecomputing sidewinder 5.2
openssl openssl 0.9.7b
avaya sg203 4.4
openssl openssl 0.9.6k
novell imanager 2.0
lite speed_technologies_litespeed_web_server 1.1
avaya sg200 4.4
cisco pix_firewall_software 6.2(1)
cisco pix_firewall_software 6.3(3.109)
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco content_services_switch_11500 *
avaya s8500 r2.0.1
avaya vsu 2000_r2.0.1
avaya s8500 r2.0.0
hp hp-ux 11.23
stonesoft stonegate 2.2
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
symantec clientless_vpn_gateway_4400 5.0
neoteris instant_virtual_extranet 3.3.1
neoteris instant_virtual_extranet 3.3
hp hp-ux 11.11
cisco css_secure_content_accelerator 1.0
cisco gss_4480_global_site_selector *
openssl openssl 0.9.6h
stonesoft stonebeat_fullcluster 2.5
bluecoat cacheos_ca_sa 4.1.10
avaya vsu 500
novell edirectory 8.5.27
cisco css11000_content_services_switch *
sgi propack 2.4
cisco pix_firewall_software 6.3(2)
stonesoft stonebeat_securitycluster 2.5
redhat linux 7.3
4d webstar 5.2
cisco pix_firewall_software 6.0(2)
tarantella tarantella_enterprise 3.30
vmware gsx_server 2.5.1_build_5336
vmware gsx_server 3.0_build_7592
forcepoint stonegate 2.0.7
avaya s8300 r2.0.1
stonesoft stonebeat_fullcluster 1_3.0
redhat openssl 0.9.7a-2
avaya vsu 5
securecomputing sidewinder 5.2.1.02
avaya intuity_audix s3400
cisco okena_stormwatch 3.2
cisco webns 7.1_0.1.02
cisco secure_content_accelerator 10000
novell imanager 1.5
cisco mds_9000 *
neoteris instant_virtual_extranet 3.0
avaya intuity_audix s3210
stonesoft servercluster 2.5.2
openssl openssl 0.9.6c
avaya sg200 4.31.29
4d webstar 5.2.3
avaya intuity_audix 5.1.46
checkpoint provider-1 4.1
hp wbem a.02.00.00
novell edirectory 8.6.2
cisco ios 12.2za
forcepoint stonegate 1.5.18
bluecoat cacheos_ca_sa 4.1.12
sco openserver 5.0.6
securecomputing sidewinder 5.2.0.04
cisco firewall_services_module 1.1.3
cisco ios 12.1(19)e1
cisco pix_firewall_software 6.0(1)
cisco firewall_services_module *
forcepoint stonegate 1.7
cisco pix_firewall_software 6.3
redhat enterprise_linux 3.0
dell bsafe_ssl-j 3.0
4d webstar 5.2.1
cisco pix_firewall_software 6.2
cisco pix_firewall_software 6.2(2)
4d webstar 5.2.4
cisco threat_response *
vmware gsx_server 2.5.1
avaya sg208 *
novell edirectory 8.7.1
cisco pix_firewall_software 6.3(1)
sco openserver 5.0.7
forcepoint stonegate 2.0.6
freebsd freebsd 4.9
forcepoint stonegate 2.0.1
stonesoft stonebeat_webcluster 2.5
sun crypto_accelerator_4000 1.0
novell edirectory 8.5
openssl openssl 0.9.6e
openbsd openbsd 3.4
openssl openssl 0.9.7c
avaya vsu 7500_r2.0.1
checkpoint vpn-1 next_generation_fp1
openssl openssl 0.9.6j
cisco webns 7.10
vmware gsx_server 2.0.1_build_2129
hp wbem a.02.00.01
hp wbem a.01.05.08
avaya converged_communications_server 2.0
cisco webns 7.1_0.2.06
forcepoint stonegate 2.0.8
checkpoint firewall-1 next_generation_fp0
cisco webns 7.10_.0.06s
cisco pix_firewall_software 6.1(1)
avaya s8300 r2.0.0
dell bsafe_ssl-j 3.0.1
avaya sg5 4.3
cisco ciscoworks_common_services 2.2
tarantella tarantella_enterprise 3.20
cisco webns 7.2_0.0.03
cisco pix_firewall_software 6.0(4.101)
cisco pix_firewall_software 6.2(3.100)
cisco css_secure_content_accelerator 2.0
redhat openssl 0.9.6-15
freebsd freebsd 5.2
cisco ios 12.2(14)sy1
cisco pix_firewall_software 6.0(4)
cisco pix_firewall_software 6.3(3.102)
avaya sg5 4.2
openssl openssl 0.9.6d
novell edirectory 8.5.12a
stonesoft stonebeat_securitycluster 2.0
sgi propack 3.0
forcepoint stonegate 2.2.1
stonesoft stonebeat_fullcluster 1_2.0
avaya sg208 4.4
cisco pix_firewall 6.2.2_.111
hp hp-ux 8.05
cisco application_and_content_networking_software *
cisco ios 12.2sy
novell edirectory 8.0
openssl openssl 0.9.6f
cisco webns 6.10_b4
cisco pix_firewall_software 6.1(2)
cisco ios 12.1(11)e
avaya s8700 r2.0.0
checkpoint firewall-1 next_generation_fp2
avaya sg5 4.4
4d webstar 5.2.2
cisco ios 12.1(11b)e
redhat linux 7.2
forcepoint stonegate 1.5.17
checkpoint firewall-1 *
avaya s8700 r2.0.1
cisco ios 12.1(13)e9
hp hp-ux 11.00
redhat openssl 0.9.6b-3
cisco pix_firewall_software 6.1(3)
cisco webns 6.10
sgi propack 2.3
cisco firewall_services_module 1.1_(3.005)
checkpoint firewall-1 2.0
4d webstar 5.3.1
cisco ios 12.1(11b)e12
apple mac_os_x 10.3.3
securecomputing sidewinder 5.2.0.02
hp aaa_server *
avaya sg203 4.31.29
forcepoint stonegate 1.7.2
neoteris instant_virtual_extranet 3.1
novell edirectory 8.7
avaya vsu 10000_r2.0.1
forcepoint stonegate 1.6.3
cisco pix_firewall_software 6.1
4d webstar 4.0
securecomputing sidewinder 5.2.1
forcepoint stonegate 1.6.2
neoteris instant_virtual_extranet 3.2
stonesoft stonebeat_webcluster 2.0
cisco ios 12.1(11b)e14
cisco pix_firewall_software 6.2(3)
avaya vsu 5x
hp apache-based_web_server 2.0.43.04
tarantella tarantella_enterprise 3.40
openssl openssl 0.9.6g
openssl openssl 0.9.6i
hp apache-based_web_server 2.0.43.00
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco firewall_services_module 1.1.2
freebsd freebsd 5.1
avaya vsu 5000_r2.0.1
litespeedtech litespeed_web_server 1.0.1
cisco gss_4490_global_site_selector *
bluecoat proxysg *
forcepoint stonegate 2.0.9
forcepoint stonegate 2.0.4
avaya intuity_audix *
cisco pix_firewall_software 6.1(4)
cisco pix_firewall_software 6.0
cisco firewall_services_module 2.1_(0.208)
forcepoint stonegate 2.0.5
securecomputing sidewinder 5.2.0.03
checkpoint vpn-1 next_generation_fp2
cisco pix_firewall_software 6.1(5)
cisco access_registrar *
freebsd freebsd 4.8
forcepoint stonegate 2.1
forcepoint stonegate 2.2
cisco ios 12.2(14)sy
vmware gsx_server 2.0
stonesoft stonebeat_fullcluster 3.0
openssl openssl 0.9.7
dell bsafe_ssl-j 3.1
openssl openssl 0.9.7a
freebsd freebsd 5.2.1
redhat linux 8.0
redhat enterprise_linux_desktop 3.0
cisco ciscoworks_common_management_foundation 2.1
checkpoint firewall-1 next_generation_fp1
cisco pix_firewall_software 6.0(3)
4d webstar 5.3
securecomputing sidewinder 5.2.0.01
checkpoint vpn-1 next_generation_fp0
stonesoft servercluster 2.5
stonesoft stonebeat_fullcluster 2.0
cisco call_manager *
apple mac_os_x_server 10.3.3
avaya vsu 100_r2.0.1
openbsd openbsd 3.3
securecomputing sidewinder 5.2
forcepoint stonegate 1.7.1
openssl openssl 0.9.7b
avaya sg203 4.4
openssl openssl 0.9.6k
novell imanager 2.0
avaya sg200 4.4
cisco pix_firewall_software 6.2(1)
cisco pix_firewall_software 6.3(3.109)
cisco content_services_switch_11500 *
avaya s8500 r2.0.1
avaya vsu 2000_r2.0.1
forcepoint stonegate 2.2.4
avaya s8500 r2.0.0
hp hp-ux 11.23
CVE-2005-0486 MEDIUM

Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tarantella tarantella_enterprise 3.40
tarantella tarantella_enterprise 3.30
tarantella secure_global_desktop enterprise_3.42
tarantella secure_global_desktop enterprise_4.0