OpenConnect WebConnect多个远程漏洞

漏洞信息详情

OpenConnect WebConnect多个远程漏洞

• CNNVD编号：CNNVD-200402-087
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-0466
  
• 漏洞类型：
  
  
  未知
  
• 发布时间：
  
  2004-02-21
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  openconnect
• 漏洞来源：
  Discovery of these…

WebConnect 6.5， 6.4.4以及可能之前的版本存在漏洞。远程攻击者可以借助包含例如(1) AUX， (2) CON， (3) PRN， (4) COM1或者(5) LPT1的MS-DOS设备名字的URL导致服务拒绝（挂起）。

It is reported that the vendor has addressed these vulnerabilities in version 6.5.1. Customers are advised to contact the vendor for further information regarding obtaining and applying an appropriate update.

来源:US-CERT Vulnerability Note: VU#JSHA-69FVMM
名称: http://www.kb.cert.org/vuls/id/JSHA-69FVMM
链接:http://www.kb.cert.org/vuls/id/JSHA-69FVMM

来源:US-CERT Vulnerability Note: VU#552561
名称: VU#552561
链接:http://www.kb.cert.org/vuls/id/552561

来源: XF
名称: webconnect-device-name-dos(19393)
链接:http://xforce.iss.net/xforce/xfdb/19393

来源: SECUNIA
名称: 14006
链接:http://secunia.com/advisories/14006/

来源: www.cirt.dk
链接:http://www.cirt.dk/advisories/cirt-29-advisory.pdf

来源: BUGTRAQ
名称: 20050220 The WebConnect 6.4.4 and 6.5 contains several vulnerabilities
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=110910838600145&w=2