Sign-up

ID

VAR-200711-0144


CVE

CVE-2007-6097


TITLE

Ingate Firewall and SIParator of ICMP Vulnerability in implementation

Trust: 0.8

sources: JVNDB: JVNDB-2007-004667

DESCRIPTION

Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted.". Ingate Firewall and SIParator products are prone to multiple vulnerabilities that include buffer-overflow, information-disclosure, and denial-of-service issues. An attacker may access sensitive information, cause denial-of-service conditions, or potentially execute arbitrary code. Versions prior to Ingate Firewall 4.6.0 and Ingate SIParator 4.6.0 are vulnerable. Both Ingate Firewall and SIParator are enterprise-level hardware firewall devices

Trust: 1.98

sources: NVD: CVE-2007-6097 // JVNDB: JVNDB-2007-004667 // BID: 26486 // VULHUB: VHN-29459

AFFECTED PRODUCTS

vendor:ingatemodel:siparatorscope:lteversion:4.5.2

Trust: 1.0

vendor:ingatemodel:firewallscope:lteversion:4.5.2

Trust: 1.0

vendor:ingatemodel:siparatorscope:eqversion:4.5.2

Trust: 0.9

vendor:ingatemodel:firewallscope:eqversion:4.5.2

Trust: 0.9

vendor:ingatemodel:firewallscope:ltversion:4.6.0

Trust: 0.8

vendor:ingatemodel:siparatorscope:ltversion:4.6.0

Trust: 0.8

vendor:ingatemodel:siparatorscope:eqversion:4.5.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.4.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.3.4

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.3.3

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.3.2

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.3.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.3

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.2.3

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.2.2

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.2.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.3.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:3.2

Trust: 0.3

vendor:ingatemodel:siparatorscope:eqversion:4.4

Trust: 0.3

vendor:ingatemodel:firewalllscope:eqversion:4.4

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.5.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.4.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.3.4

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.3.3

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.3.2

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.3.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.3

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.2.3

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.2.2

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.2.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:4.1.3

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.3.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2.1

Trust: 0.3

vendor:ingatemodel:firewallscope:eqversion:3.2

Trust: 0.3

vendor:ingatemodel:siparatorscope:neversion:4.6

Trust: 0.3

vendor:ingatemodel:firewallscope:neversion:4.6

Trust: 0.3

sources: BID: 26486 // JVNDB: JVNDB-2007-004667 // CNNVD: CNNVD-200711-314 // NVD: CVE-2007-6097

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-6097
value: HIGH

Trust: 1.0

NVD: CVE-2007-6097
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200711-314
value: CRITICAL

Trust: 0.6

VULHUB: VHN-29459
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-6097
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-29459
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-29459 // JVNDB: JVNDB-2007-004667 // CNNVD: CNNVD-200711-314 // NVD: CVE-2007-6097

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2007-6097

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200711-314

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200711-314

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-004667

PATCH
title:Ingate Firewallurl:http://www.ingate.com/firewalls.php
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-004667

EXTERNAL IDS
db:NVDid:CVE-2007-6097
Trust: 2.8
db:BIDid:26486
Trust: 2.0
db:JVNDBid:JVNDB-2007-004667
Trust: 0.8
db:CNNVDid:CNNVD-200711-314
Trust: 0.7
db:VULHUBid:VHN-29459
Trust: 0.1
sources:
            
            
            VULHUB: VHN-29459 // 
            
            
            
            BID: 26486 // 
            
            
            
            JVNDB: JVNDB-2007-004667 // 
            
            
            
            CNNVD: CNNVD-200711-314 // 
            
            
            
            NVD: CVE-2007-6097

REFERENCES
url:http://www.ingate.com/relnote-460.php
Trust: 2.0
url:http://www.securityfocus.com/bid/26486
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6097
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6097
Trust: 0.8
url:http://www.ingate.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-29459 // 
            
            
            
            BID: 26486 // 
            
            
            
            JVNDB: JVNDB-2007-004667 // 
            
            
            
            CNNVD: CNNVD-200711-314 // 
            
            
            
            NVD: CVE-2007-6097

CREDITS
Ingate Systems
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200711-314

SOURCES
db:VULHUBid:VHN-29459
db:BIDid:26486
db:JVNDBid:JVNDB-2007-004667
db:CNNVDid:CNNVD-200711-314
db:NVDid:CVE-2007-6097

LAST UPDATE DATE
2024-11-23T22:03:48.102000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-29459date:2008-11-15T00:00:00
db:BIDid:26486date:2007-12-18T20:06:00
db:JVNDBid:JVNDB-2007-004667date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200711-314date:2007-11-23T00:00:00
db:NVDid:CVE-2007-6097date:2024-11-21T00:39:21.173

SOURCES RELEASE DATE
db:VULHUBid:VHN-29459date:2007-11-22T00:00:00
db:BIDid:26486date:2007-11-16T00:00:00
db:JVNDBid:JVNDB-2007-004667date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200711-314date:2007-11-21T00:00:00
db:NVDid:CVE-2007-6097date:2007-11-22T00:46:00