ID CVE-2005-4197
Summary tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet.
References
Vulnerable Configurations
  • cpe:2.3:a:nortel:ssl_vpn:4.1.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:ssl_vpn:4.1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:ssl_vpn:4.1.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:ssl_vpn:4.1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:ssl_vpn:-:*:*:*:*:*:*:*
    cpe:2.3:a:nortel:ssl_vpn:-:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 19-10-2018 - 15:40)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 15798
bugtraq 20051212 SEC Consult SA-20051211-0 :: Nortel SSL VPN Cross Site Scripting/Command Execution
misc http://www.sec-consult.com/247.html
sectrack 1015341
secunia 17974
vupen ADV-2005-2845
vulnerable_product via4
  • cpe:2.3:a:nortel:ssl_vpn:4.1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:ssl_vpn:4.1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:nortel:ssl_vpn:-:*:*:*:*:*:*:*
Last major update 19-10-2018 - 15:40
Published 13-12-2005 - 11:03
Back to Top