Vulnerabilites related to ingate - siparator
Vulnerability from fkie_nvd
Published
2005-12-22 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_firewall | 3.2 | |
| ingate | ingate_firewall | 3.2.1 | |
| ingate | ingate_firewall | 3.3.1 | |
| ingate | ingate_firewall | 4.1.3 | |
| ingate | siparator | * | |
| ingate | siparator | 3.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54A62177-AABD-4770-A51F-6C30F7D90AB2",
"versionEndIncluding": "4.3.3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "367F6F04-0E45-4EED-AB36-D8D1E993D29B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8229DE3A-B9CB-44FF-8409-51E09DDED479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2699E7A6-7B3A-4C4C-9472-B8B6B547624D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C3E88A46-CEC7-46D5-9697-232E18531FD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA371916-6FC8-4CF9-8A9F-0B079A33E70D",
"versionEndIncluding": "4.3.3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:ingate:siparator:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3D3A3E34-3BCF-4FE7-A984-D83BCFE139F7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
],
"id": "CVE-2005-4464",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-22T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18138"
},
{
"source": "cve@mitre.org",
"url": "http://www.ingate.com/relnote-434.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ingate.com/relnote-434.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/3011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-09 10:02
Modified
2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ingate | ingate_firewall | * | |
| ingate | ingate_firewall | 4.3.1 | |
| ingate | siparator | * | |
| ingate | siparator | 4.3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85077F8-D213-4942-9B02-69BC9465FCAD",
"versionEndIncluding": "4.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:ingate_firewall:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1559E6-E7B6-4B5B-8841-CF502E05BA46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:siparator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37F083E1-9FA4-4A5A-BBAD-3C422E930752",
"versionEndIncluding": "4.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ingate:siparator:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "46C98D55-9DB1-47EC-9734-BBE8E892B4EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
],
"id": "CVE-2006-2925",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-06-09T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2006-2925 (GCVE-0-2006-2925)
Vulnerability from cvelistv5
Published
2006-06-09 10:00
Modified
2024-08-07 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:27.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016245",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016244"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to \"XSS exploits\" in administrator functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016245",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016245"
},
{
"name": "1016244",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016244"
},
{
"name": "http://www.ingate.com/relnote-441.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-441.php"
},
{
"name": "ADV-2006-2183",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2183"
},
{
"name": "20479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20479"
},
{
"name": "ingate-gui-xss(26978)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26978"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2925",
"datePublished": "2006-06-09T10:00:00",
"dateReserved": "2006-06-09T00:00:00",
"dateUpdated": "2024-08-07T18:06:27.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-4464 (GCVE-0-2005-4464)
Vulnerability from cvelistv5
Published
2005-12-22 00:00
Modified
2024-08-07 23:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "16023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ingate.com/relnote-434.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "16023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ingate.com/relnote-434.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "16023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16023"
},
{
"name": "18138",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18138"
},
{
"name": "ADV-2005-3011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/3011"
},
{
"name": "http://www.ingate.com/relnote-434.php",
"refsource": "CONFIRM",
"url": "http://www.ingate.com/relnote-434.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4464",
"datePublished": "2005-12-22T00:00:00",
"dateReserved": "2005-12-21T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}