Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ingate Subscribe
Filtered by product Ingate Firewall
Total 16 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0960 6 Cisco, Ecos Sourceware, Ingate and 3 more 25 Ace 10 6504 Bundle With 4 Gbps Throughput, Ace 10 6509 Bundle With 8 Gbps Throughput, Ace 10 Service Module and 22 more 2018-10-30 10.0 HIGH N/A
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.
CVE-2007-3177 1 Ingate 2 Ingate Firewall, Ingate Siparator 2017-07-28 5.0 MEDIUM N/A
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter.
CVE-2007-3176 1 Ingate 2 Ingate Firewall, Ingate Siparator 2017-07-28 4.0 MEDIUM N/A
Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report.
CVE-2006-2924 1 Ingate 2 Ingate Firewall, Ingate Siparator 2017-07-19 5.0 MEDIUM N/A
Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake.
CVE-2006-2925 1 Ingate 2 Ingate Firewall, Siparator 2017-07-19 4.0 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
CVE-2005-0311 1 Ingate 1 Ingate Firewall 2017-07-10 4.6 MEDIUM N/A
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.
CVE-2003-1112 1 Ingate 2 Ingate Firewall, Ingate Siparator 2017-07-10 7.5 HIGH N/A
The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2005-4464 1 Ingate 2 Ingate Firewall, Siparator 2011-03-07 7.8 HIGH N/A
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
CVE-2007-6093 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 7.1 HIGH N/A
The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected."
CVE-2007-6094 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 4.3 MEDIUM N/A
The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS).
CVE-2007-6095 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 4.0 MEDIUM N/A
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users.
CVE-2007-6092 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 10.0 HIGH N/A
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.
CVE-2007-6097 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 10.0 HIGH N/A
Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted."
CVE-2007-6098 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 7.5 HIGH N/A
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection.
CVE-2007-6096 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-11-14 5.0 MEDIUM N/A
Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors.
CVE-2007-6099 1 Ingate 2 Ingate Firewall, Ingate Siparator 2008-09-05 10.0 HIGH N/A
Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities.