Details of VAR-200606-0559

ID

VAR-200606-0559

CVE

CVE-2006-2924

TITLE

Ingate Firewall/SIParator SSL/TLS Handshake Denial of service vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200606-201

DESCRIPTION

Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake. Ingate Firewall and SIParator products are prone to a remote denial-of-service vulnerability. This vulnerability is exploitable only if SSL/TLS has been enabled in the SIP module or in the webserver. Versions of Ingate Firewall and SIParator prior to 4.4.1 are vulnerable to this issue. ---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports. http://secunia.com/secunia_security_specialist/ ---------------------------------------------------------------------- TITLE: Ingate Firewall and SIParator Two Vulnerabilities SECUNIA ADVISORY ID: SA20479 VERIFY ADVISORY: http://secunia.com/advisories/20479/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, DoS WHERE: >From remote OPERATING SYSTEM: Ingate SIParator 4.x http://secunia.com/product/5687/ Ingate Firewall 4.x http://secunia.com/product/4050/ DESCRIPTION: Two vulnerabilities have been reported in Ingate Firewall and SIParator, which can be exploited by malicious people to conduct cross-site scripting attacks and to cause a DoS (Denial of Service). 1) An error exists within the handling of SSL/TLS handshake in the SIP module and in the web server. This can be exploited to cause the modules to crash via a specially-crafted handshake. Successful exploitation requires that SSL/TLS is enabled. 2) Input passed to unspecified parameters in the web interface isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in an administrator's browser session in context of the web interface. SOLUTION: Update to version 4.4.1. http://www.ingate.com/upgrades.php PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.ingate.com/relnote-441.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2006-2924 // BID: 18318 // VULHUB: VHN-19032 // PACKETSTORM: 47098

AFFECTED PRODUCTS

vendor:	ingate	model:	siparator	scope:	eq	version:	4.3.4	Trust: 1.9
vendor:	ingate	model:	firewall	scope:	eq	version:	4.3.4	Trust: 1.9
vendor:	ingate	model:	siparator	scope:	lte	version:	4.4.0	Trust: 1.0
vendor:	ingate	model:	firewall	scope:	lte	version:	4.4.0	Trust: 1.0
vendor:	ingate	model:	firewall	scope:	eq	version:	4.4.0	Trust: 0.6
vendor:	ingate	model:	siparator	scope:	eq	version:	4.4.0	Trust: 0.6
vendor:	ingate	model:	siparator	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.3	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.2.3	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	3.3.1	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	3.2	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	eq	version:	4.4	Trust: 0.3
vendor:	ingate	model:	firewalll	scope:	eq	version:	4.4	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.3.3	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.3.2	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.3.1	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.3	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.2.3	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.2.2	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.2.1	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	4.1.3	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	3.3.1	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	eq	version:	3.2	Trust: 0.3
vendor:	ingate	model:	siparator	scope:	ne	version:	4.4.1	Trust: 0.3
vendor:	ingate	model:	firewall	scope:	ne	version:	4.4.1	Trust: 0.3

sources: BID: 18318 // CNNVD: CNNVD-200606-201 // NVD: CVE-2006-2924

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-2924
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200606-201
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-19032
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2006-2924
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-19032
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-19032 // CNNVD: CNNVD-200606-201 // NVD: CVE-2006-2924

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-2924

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200606-201

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200606-201

EXTERNAL IDS

db:	BID	id:	18318	Trust: 2.0
db:	SECUNIA	id:	20479	Trust: 1.8
db:	VUPEN	id:	ADV-2006-2183	Trust: 1.7
db:	SECTRACK	id:	1016245	Trust: 1.7
db:	SECTRACK	id:	1016244	Trust: 1.7
db:	NVD	id:	CVE-2006-2924	Trust: 1.7
db:	CNNVD	id:	CNNVD-200606-201	Trust: 0.7
db:	XF	id:	26977	Trust: 0.6
db:	VULHUB	id:	VHN-19032	Trust: 0.1
db:	PACKETSTORM	id:	47098	Trust: 0.1

sources: VULHUB: VHN-19032 // BID: 18318 // PACKETSTORM: 47098 // CNNVD: CNNVD-200606-201 // NVD: CVE-2006-2924

REFERENCES

url:	http://www.ingate.com/relnote-441.php	Trust: 2.1
url:	http://www.securityfocus.com/bid/18318	Trust: 1.7
url:	http://securitytracker.com/id?1016244	Trust: 1.7
url:	http://securitytracker.com/id?1016245	Trust: 1.7
url:	http://secunia.com/advisories/20479	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2006/2183	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/26977	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/26977	Trust: 0.6
url:	http://www.frsirt.com/english/advisories/2006/2183	Trust: 0.6
url:	http://www.ingate.com/	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/4050/	Trust: 0.1
url:	http://secunia.com/product/5687/	Trust: 0.1
url:	http://www.ingate.com/upgrades.php	Trust: 0.1
url:	http://secunia.com/advisories/20479/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/secunia_security_specialist/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-19032 // BID: 18318 // PACKETSTORM: 47098 // CNNVD: CNNVD-200606-201 // NVD: CVE-2006-2924

CREDITS

Ingate

Trust: 0.6

sources: CNNVD: CNNVD-200606-201

SOURCES

db:	VULHUB	id:	VHN-19032
db:	BID	id:	18318
db:	PACKETSTORM	id:	47098
db:	CNNVD	id:	CNNVD-200606-201
db:	NVD	id:	CVE-2006-2924

LAST UPDATE DATE

2024-11-23T22:28:31.941000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-19032	date:	2017-07-20T00:00:00
db:	BID	id:	18318	date:	2006-06-07T21:47:00
db:	CNNVD	id:	CNNVD-200606-201	date:	2006-06-09T00:00:00
db:	NVD	id:	CVE-2006-2924	date:	2024-11-21T00:12:24.870

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-19032	date:	2006-06-09T00:00:00
db:	BID	id:	18318	date:	2006-06-07T00:00:00
db:	PACKETSTORM	id:	47098	date:	2006-06-10T05:36:59
db:	CNNVD	id:	CNNVD-200606-201	date:	2006-06-09T00:00:00
db:	NVD	id:	CVE-2006-2924	date:	2006-06-09T10:02:00