Vulnerability CVE-2007-6095
Published: 2007-11-21   Modified: 2012-02-12

Description:
The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users.

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Ingate -> Ingate firewall 
Ingate -> Ingate siparator 

 References:
http://www.securityfocus.com/bid/26486
http://www.ingate.com/relnote-460.php
http://secunia.com/advisories/27688
http://osvdb.org/42172
Copyright 2024, cxsecurity.com

 

Back to Top