Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

vpn 5000 client vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2002-1491
The Cisco VPN 5000 Client for MacOS prior to 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges.
Cisco Vpn 5000 Client 5.1.2Cisco Vpn 5000 Client 5.2.1
NA
CVE-2002-1492
Buffer overflows in the Cisco VPN 5000 Client prior to 5.2.7 for Linux, and VPN 5000 Client prior to 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
Cisco Vpn 5000 Client 5.2.6Cisco Vpn 5000 Client 5.2.7
NA
CVE-2002-0848
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and previous versions, and 5.2.23.0003 and previous versions, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request...
Cisco Vpn 5000 Concentrator Series Software
NA
CVE-2001-0554
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote malicious users to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
Netkit Linux Netkit 0.10Netkit Linux Netkit 0.11Mit Kerberos 1.0Netkit Linux Netkit 0.12Sgi Irix 6.5Mit Kerberos 5 1.2Mit Kerberos 5 1.2.1Mit Kerberos 5 1.2.2Mit Kerberos 5 1.1Mit Kerberos 5 1.1.1Freebsd Freebsd 2.0Freebsd Freebsd 2.0.1Freebsd Freebsd 2.0.5Freebsd Freebsd 2.1Freebsd Freebsd 2.1.0Freebsd Freebsd 2.1.5Freebsd Freebsd 2.1.6Freebsd Freebsd 2.1.6.1Freebsd Freebsd 2.1.7Freebsd Freebsd 2.1.7.1Freebsd Freebsd 2.2Freebsd Freebsd 2.2.1
7.5
CVSSv3
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0Openssl Openssl 1.1.0bOpenssl Openssl 1.1.0aOracle Agile Engineering Data Management 6.2.0Oracle Jd Edwards World Security A9.2Oracle Communications Eagle Lnp Application Processor 10.1Oracle Communications Application Session Controller 3.7.1Oracle Jd Edwards World Security A9.4Oracle Jd Edwards Enterpriseone Tools 9.2Oracle Communications Operations Monitor 3.4Oracle Communications Operations Monitor 4.0Oracle Agile Engineering Data Management 6.1.3Oracle Jd Edwards World Security A9.1Oracle Jd Edwards World Security A9.3Oracle Communications Eagle Lnp Application Processor 10.0Oracle Communications Eagle Lnp Application Processor 10.2Oracle Communications Application Session Controller 3.8.0
7.5
CVSSv3
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2aOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.2Openssl Openssl 1.0.2dNodejs Node.jsCanonical Ubuntu Linux 15.10Canonical Ubuntu Linux 15.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 12.04
NA
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2aOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.2Openssl Openssl 1.0.2d
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl OpensslOpenssl Openssl 1.0.1mOpenssl Openssl 1.0.2aOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.1Openssl Openssl 1.0.0cOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0Openssl Openssl 1.0.1hOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0pOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1d
7.5
CVSSv3
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1mOpenssl Openssl 1.0.2aOpenssl Openssl 1.0.1jOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.2eOpenssl Openssl 1.0.1rOpenssl Openssl 1.0.2bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.2gOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.2hOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1tOpenssl Openssl 1.0.2cOpenssl Openssl 1.0.1pOpenssl Openssl 1.0.1kOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1nOpenssl Openssl 1.0.1qOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1l
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0Openssl Openssl 1.1.0cOpenssl Openssl 1.1.0dOpenssl Openssl 1.1.0aOpenssl Openssl 1.1.0bHp Operations Agent 11.15Hp Operations Agent 11.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook